Report - placebonusextra.com/gb/tar/sur3box-650/15

Report Overview

URL

placebonusextra.com/gb/tar/sur3box-650/15
IP

104.26.15.156

ASN

#13335 CLOUDFLARENET
Submitted

2023-01-29T08:15:35Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

4

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org (8)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2704	7089	95.101.11.115
placebonusextra.com (1)	748418	2021-12-09T11:47:01Z	2023-03-13T05:39:21Z	372	692	172.67.72.193
cdn.wildfungames.com (8)	unknown	2023-01-27T13:57:21Z	2023-03-13T03:54:57Z	3313	173595	172.67.70.29
cdn.jsdelivr.net (2)	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	879	47482	151.101.65.229
ocsp.digicert.com (5)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1705	2585	93.184.220.29
beevakum.net (1)	156073	2021-02-10T04:56:26Z	2023-03-13T06:42:41Z	421	14799	139.45.197.250
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2374	35.241.9.150
e1.o.lencr.org (1)	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	338	729	23.33.119.27
code.jquery.com (1)	634	2012-05-21T19:28:02Z	2023-03-13T05:09:57Z	402	31333	69.16.175.42
ocsp.globalsign.com (1)	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368	1959	151.101.2.133
wildfungames.com (1)	unknown	2016-11-21T04:51:35Z	2023-03-13T05:39:32Z	520	38974	172.67.70.29
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	58426	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	54.200.212.223

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	placebonusextra.com/gb/tar/sur3box-650/15	Malware
2023-01-29	medium	cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1	Malware
2023-01-29	medium	cdn.wildfungames.com/land/rou/js2/default1.js?v=1	Malware
2023-01-29	medium	cdn.wildfungames.com/land/rou/css/default.min.css?v=1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (40)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5eb7c9bc996a0ff420e58af45526f053

8c2614832b8efe1c9da0bbd465d6f3f172d95a9e

c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Sun, 29 Jan 2023 09:47:54 GMT
Date: Sun, 29 Jan 2023 08:15:24 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3eb88dea4fe00db1182370e72683c3ab

ca520abf1e91bfd2aef40c6a1270a911071e8922

d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5236
Expires: Sun, 29 Jan 2023 09:42:40 GMT
Date: Sun, 29 Jan 2023 08:15:24 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 07:35:36 GMT
content-type: application/json
age: 2388
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

03092d1a1bc7ac91ee342a1a7ab2a562

52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a

03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17533
Expires: Sun, 29 Jan 2023 13:07:37 GMT
Date: Sun, 29 Jan 2023 08:15:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: K2VdsK+vesdK8rm86b/3VHKp56eHOjG/Gsxl83ARaXxRXGPuUF+8ToMtSOJnpI37ql0gD3g1TYI=
x-amz-request-id: JP25WTGGM63HS9V3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 07:50:14 GMT
age: 1510
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

placebonusextra.com/gb/tar/sur3box-650/15

172.67.72.193

302 Found

URL HTTP/1.1

placebonusextra.com/gb/tar/sur3box-650/15
IP

172.67.72.193:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /gb/tar/sur3box-650/15 HTTP/1.1
Host: placebonusextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 08:15:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://wildfungames.com/land/rou?campaign=ThIg&web=1&utm_campaign=plc0d4295118ffdd4f48ef32265dcab7
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWtbJAB4ZSX8HI9bhlWpr2n5WB9X3My2f8Kx5j8eEIVJfH%2FFkQiobqVKJogc%2F8PP6cRjD5l0PVooIY3u1BR%2FWPdvs4oZRnTgIwDrXFUyF1gYOpaSVDbv3QME01fObxUsCGI8Iao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791085115a0a1c0e-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 08:15:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

345

URL HTTP/1.1

e1.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

345
Hash

f6f53a6b0ba9efd76f96fd5209510557

12883da74a509e591ab7ab8cc47f6332ce60999e

6b29472d97cb1c0accff38239addc6f5bd2d2cc49dc8441d4dc3fef656afe170

HTTP Headers

                                        POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6B29472D97CB1C0ACCFF38239ADDC6F5BD2D2CC49DC8441D4DC3FEF656AFE170"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 14:15:25 GMT
Date: Sun, 29 Jan 2023 08:15:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 07:41:41 GMT
age: 2024
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

16a7b6a7128312e2f985d30df18c4487

6017bff79ffb525d9c7f9f32b999b74b5dc69602

663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Sun, 29 Jan 2023 09:19:31 GMT
Date: Sun, 29 Jan 2023 08:15:25 GMT
Connection: keep-alive

cdn.wildfungames.com/land/rou/img/spin_Roulette00.png

172.67.70.29

200 OK

12991

URL HTTP/2

cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 170 x 190, 8-bit/color RGBA, non-interlaced\012- data

Size

12991
Hash

834a8095777aee926381dd13a5a8b3ab

c0f06099eea950232f33e02355d84dda44a6e35e

589d62b11a4171fb3a9b7c97b6963447601e36f8c2dcb36370dce75f5bd9687e

HTTP Headers

                                        GET /land/rou/img/spin_Roulette00.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: image/png
content-length: 12991
etag: "834a8095777aee926381dd13a5a8b3ab"
last-modified: Fri, 27 Jan 2023 12:51:51 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP1FHCxDlMyIDZsOgwKwoBRvc3OWcadleGrq1qkPaoejRuKVYuxn6S5iI0ncBm7lK8cANXyYql3PplnN%2F6WYkdmXyL71y0yPqdkP7SoTyU72qS7JDdlDt%2FSSxt37xZS51vZH%2BFQd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ecd0b02-OSL
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/img/spin_Roulette01.png

172.67.70.29

200 OK

43403

URL HTTP/2

cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data

Size

43403
Hash

6e422805365b1b64d8da6b0d29ae8c69

37d523943fb63f409cd9a6da32fb5d7663a692da

a0c05360734297aae902dc48ed95cd7d3d3f818897f111c54aae6f042428b665

HTTP Headers

                                        GET /land/rou/img/spin_Roulette01.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: image/png
content-length: 43403
etag: "6e422805365b1b64d8da6b0d29ae8c69"
last-modified: Fri, 27 Jan 2023 12:51:52 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uniwMfuug4cmsmM%2B5qI8bP%2Bk8a%2B4i5%2FGZwwko%2Fzn5NEufpFq4u%2FovdNjqO6H8%2B3kYOjzg4qzj8%2B5%2BaQIZHeT5TNYbywIurC%2FI3T3rOpFPOGK9AHFyHOL6LRwju%2Fy%2B0Qc6Zmd30Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ece0b02-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

30875

URL HTTP/2

code.jquery.com/jquery-3.6.0.min.js
IP

69.16.175.42:0
ASN

#20446 STACKPATH-CDN

Magic

ASCII text, with very long lines (65447)

Size

30875
Hash

899f0189aaf034bbba5340f724d91dfa

210ea9de03968edb9d839ba4a0ce2d48666a8ab8

949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

                                        GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674980125.dop226.sk1.t,1674980125.cds242.sk1.hn,1674980125.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

151.101.65.229

200 OK

21830

URL HTTP/2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP

151.101.65.229:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65299)

Size

21830
Hash

a5cbb97cf034dd181106adecdafe3035

5fca1af6c76dd3e609f7f92841e564df1281927a

5ae018daf5df2cd903f80162efbaa3e138e0ed47ff90a315f2e2c497dc88a890

HTTP Headers

                                        GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 08:15:25 GMT
age: 20668769
x-served-by: cache-fra19162-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/img/spin_Roulette03.png

172.67.70.29

200 OK

1316

URL HTTP/2

cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 269 x 138, 8-bit/color RGBA, non-interlaced\012- data

Size

1316
Hash

5e45d498bdb0b010e058b92e5d5097ac

8a1b41ef4c12fc85b4e4c7d28e3fcf48774054f7

9e860a039b138a3e94b704ff4aae7896c678d88d3c5e1ab2d08e3af5ceecdee6

HTTP Headers

                                        GET /land/rou/img/spin_Roulette03.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: image/png
content-length: 1316
etag: "5e45d498bdb0b010e058b92e5d5097ac"
last-modified: Fri, 27 Jan 2023 12:51:53 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa8DFb%2F53f5LGPw%2BnI2tL7CCj6wHeuNcz1RQBNLo0%2FsqgleCagH5nl9OrxdanD4v0UkBt8gCY46ADmxSAdGdA09lZzpvzJE%2BEjTW4ngkU13lDBM3CvsFNSXwLS21OYTVxHYNnean"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ecf0b02-OSL
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

151.101.65.229

200 OK

24100

URL HTTP/2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP

151.101.65.229:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65326)

Size

24100
Hash

849f3e827da80e4e4c6a8c49689f057d

035d81aaaf6da3ffa5ce241179a9e14d533e7a3b

9546dbb82c3facf833e4adb713ce7e57a34dd53f6b55697ef1e1877bdbd8bb73

HTTP Headers

                                        GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 08:15:25 GMT
age: 11436900
x-served-by: cache-fra19147-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24100
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

8ba62ba8e30f6cced5fa72abfea830cd

ec0616ff281e8e356b6155ea0a6f3e91fb5555ae

ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:15:25 GMT
Last-Modified: Sun, 29 Jan 2023 08:07:29 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 278

push.services.mozilla.com/

54.200.212.223

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

54.200.212.223:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YDSNpBg9BAebEcP+OxUanQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S3M6JlXkrH3IFfl6VnLTNV2NsRM=

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

151.101.2.133

200 OK

1462

URL HTTP/1.1

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP

151.101.2.133:0
ASN

#54113 FASTLY

Magic

data

Size

1462
Hash

11c6432785d09b35ec595fb4058a3734

bd967274213b3c6a3f8891acb3aec7e9e414a33f

ff18e4097cb1fd6bf04b5fef8e416fa7661994fd9c6cdcb9c2e75fa75c15bd64

HTTP Headers

                                        POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "3DBFE9EA071413FA76064D0C52B2B24CB3F2F314"
Expires: Sun, 29 Jan 2023 19:00:00 UTC
Last-Modified: Sun, 29 Jan 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 08:15:25 GMT
Via: 1.1 varnish
Age: 3085
X-Served-By: cache-bma1659-BMA
X-Cache: HIT
X-Cache-Hits: 7
X-Timer: S1674980126.607379,VS0,VE0

cdn.wildfungames.com/land/rou/img/spin_bg_desk.png

172.67.70.29

200 OK

110359

URL HTTP/2

cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 870 x 650, 8-bit colormap, non-interlaced\012- data

Size

110359
Hash

eafcb5a49ddbee590cfe266b1b0c8820

254de127e096c137b1a8c8e62cf3c96b7c6492e5

da07ed253e14bcf56880e11d0eddb2276a7da9b4f679d49fb17976b97b81172b

HTTP Headers

                                        GET /land/rou/img/spin_bg_desk.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: image/png
content-length: 110359
etag: "eafcb5a49ddbee590cfe266b1b0c8820"
last-modified: Fri, 27 Jan 2023 14:03:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujZJnUj2GmT6sCL%2BepP2Y8iFGSRKxmTZ0r52d8j6A7x8QNoZn3uGyLhc%2FBqNjm1GhO1ZJwUOb4Ai1%2Fz4hamCg1sMPuLHsTUCU5mSsPsseAfZOHwxmtPPrnIRb%2FlGqY3LYqrIJ9ah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085191f5b0b02-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

8ba62ba8e30f6cced5fa72abfea830cd

ec0616ff281e8e356b6155ea0a6f3e91fb5555ae

ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:15:25 GMT
Server: ECS (amb/6BAD)
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

8ba62ba8e30f6cced5fa72abfea830cd

ec0616ff281e8e356b6155ea0a6f3e91fb5555ae

ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122235
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:15:25 GMT
Etag: "63d56598-116"
Expires: Mon, 30 Jan 2023 18:12:40 GMT
Last-Modified: Sat, 28 Jan 2023 18:12:40 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

8ba62ba8e30f6cced5fa72abfea830cd

ec0616ff281e8e356b6155ea0a6f3e91fb5555ae

ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:15:25 GMT
Server: ECS (amb/6BB4)
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

278
Hash

8ba62ba8e30f6cced5fa72abfea830cd

ec0616ff281e8e356b6155ea0a6f3e91fb5555ae

ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122235
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:15:25 GMT
Etag: "63d56598-116"
Expires: Mon, 30 Jan 2023 18:12:40 GMT
Last-Modified: Sat, 28 Jan 2023 18:12:40 GMT
Server: nginx
Content-Length: 278

wildfungames.com/land/rou?campaign=ThIg&web=1&utm_campaign=plc0d4295118ffdd4f48ef32265dcab7

172.67.70.29

200 OK

38319

URL HTTP/2

wildfungames.com/land/rou?campaign=ThIg&web=1&utm_campaign=plc0d4295118ffdd4f48ef32265dcab7
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

38319
Hash

822b2d5c8dc934337b3ac11c047fa7bd

586d655d79d26f4a40e0c94d861547a3af83d80d

b12580b281f9826b063387947ce511baf9b00da8ffec976432218156f97e68bf

HTTP Headers

                                        GET /land/rou?campaign=ThIg&web=1&utm_campaign=plc0d4295118ffdd4f48ef32265dcab7 HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, must-revalidate, public
x-content-digest: ena32c1f7e746a50323b68e828a55d5786
age: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoOShHspGZrZbo70MMLutSf%2BuYSpV2HRSLI4AKXf7TzQeky3U7w4sseG9xL1%2BH9I%2FWYvt401oL8B98wKhWglV3SPblVlT5hwi%2F1UJ3q8QwaK9q5yIEnldvtOQqHlPCxCLfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085156c710b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

98318a76c28a8930f2a714ab36e9b7a9

4f8df8f1a3c54d5be660e6e5174549e4907f7366

2c805382509dee0d1a15a3132527b3d613a0689c88bb83e9f8fd2625bd90b380

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C805382509DEE0D1A15A3132527B3D613A0689C88BB83E9F8FD2625BD90B380"
Last-Modified: Fri, 27 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Sun, 29 Jan 2023 09:34:10 GMT
Date: Sun, 29 Jan 2023 08:15:25 GMT
Connection: keep-alive

beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js

139.45.197.250

200 OK

14496

URL HTTP/2

beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
IP

139.45.197.250:0
ASN

#9002 RETN Limited

Magic

C source, ASCII text, with very long lines (41091), with no line terminators

Size

14496
Hash

002d32199f9116c7429c84ef9d7849bb

328e4f6b8bdfb247e311b58cddab5eaa21d5b4e3

8b9b2a4d4da7ff539e51c4bb298f0587b0c14ed4158294bfa003cb8b6893d1dc

HTTP Headers

                                        GET /pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-a083"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8902
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 08:15:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8902
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 08:15:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dfb84426fed94988d5c90372baff059c

f1c4740830034ff8a5759d59ae3f657ea524d083

d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8902
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 08:15:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg

34.120.237.76

200 OK

10030

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10030
Hash

2f73f114f8dc452fc0b16825570ad50c

6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575

23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 57711
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5594

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5594
Hash

4c77437e3a7361861aed8bfecbfe6bd6

fefd238c13c0fdfb7d964c90fcc8a8cbbf953034

282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 62378
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9167

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9167
Hash

3be81f83687ddb6c93d3ff3c09a9dba2

50a48e737310d3f31840db4301b25927fbcc12c5

e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 41350
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12124

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

12124
Hash

7da187381befeffa83fbaed380f2932e

7f4750e505e965f129c096ef40bc24c392051025

f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 12124
x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVMBEGtwIAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 12:06:16 GMT
age: 72550
etag: "7f4750e505e965f129c096ef40bc24c392051025"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10168

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10168
Hash

d5ed99a9aed6f367efc5c9498ce87ff1

3123eb6f550c51fe17fc62eff943b3739e239a9b

536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 26399
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5021

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5021
Hash

d19ea264e32a923808112293d74b97c7

19a01a961cca989ee07ff53e50d6f2e65d73729a

16792f5d3ff24bda8f7ac4b6b522c736c4e070b5aa9fd109fa868906064278c8

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5021
x-amzn-requestid: 040ca906-0e98-4919-a238-06ad180d6260
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcj5zESeoAMFqUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4e6a4-7f81446e78d233f16fc9b73f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 09:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XeoloS-lP9UvWYMvblLHSIJdYMAU3yDj5AmJsYwxHtH3l2UjMkkung==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:36 GMT
age: 37730
etag: "19a01a961cca989ee07ff53e50d6f2e65d73729a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1

172.67.70.29

200 OK

URL HTTP/2

cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /land/rou/js2/propeller.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: application/javascript
etag: W/"20ff2d103a051f36069225e9bb9c87c0"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m31qclW6qP1GXbqEOY5hedoXwzBu9husMIHtTaYoofwbyXI8gHR1Ge7gvvO0srIKpG7vcPddhzQBPurILEg8Zi2J4EQtsj50U2M6esmS9sH2aFWlzbkAcT5rSWX4c%2B8aMwGa4H0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184eca0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1

172.67.70.29

200 OK

URL HTTP/2

cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/js2/winwheel_game.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: application/javascript
etag: W/"93ae375d5794d7efc5759847e616b870"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1VMpR66IY4hiU6skWvVSHi1CbRXM1s3nZEshgnribYb%2B1TL90mp9aFZJ%2FB5ZM9S%2FbGX5PclrqDrEdY4NX2Fwl0YFIA769KHJmGqd0CJnsp3n0uHkw1sgu4WPbyBJAtXMy7zRMG6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ecc0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/js2/default1.js?v=1

172.67.70.29

200 OK

URL HTTP/2

cdn.wildfungames.com/land/rou/js2/default1.js?v=1
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/js2/default1.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: application/javascript
etag: W/"cb6fb41521eaa67073568b2a55d1f30b"
last-modified: Fri, 27 Jan 2023 19:45:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySjEWzRJlfYwnOVq6gPhcHQB73sCrVwptpyR3yFKuY8UxIxRy%2FwfJf5CSl5Mx4CNwk4yrX8O1ztuZEgScmTqVoL1ivhz%2F6F6gct5Ny4v%2FuK1%2BTR6D8Jk4RQloNhnMer%2FjkdHMp%2Br"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ec60b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.wildfungames.com/land/rou/css/default.min.css?v=1

172.67.70.29

200 OK

URL HTTP/2

cdn.wildfungames.com/land/rou/css/default.min.css?v=1
IP

172.67.70.29:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/css/default.min.css?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:15:25 GMT
content-type: text/css
etag: W/"c87a79b32fd06185ea1eabe4af153677"
last-modified: Fri, 27 Jan 2023 20:13:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZmI5jxSKiuW5hWimAEM7LwxoORGFPedirNPk%2BIuC%2F1ZTkGT0OOGQyeBsqC6adLF0QHt3kIQzcmfxNfKmpN%2F39fxNlrLzZAY8%2BCD9M4cRyOxOCuhk%2FgAEuYwQXLZdLDpUdUtY3Qk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791085184ec90b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

#1 JS:Script (size: 89501)

#2 JS:Script (size: 123)

#3 JS:Script (size: 549)

#4 JS:Script (size: 41091)

#5 JS:Script (size: 2393)

#6 JS:Script (size: 103)

#7 JS:Script (size: 84378)

#8 JS:Script (size: 6566)

#9 JS:Script (size: 11334)

#10 JS:Script (size: 291)

#11 JS:Script (size: 3694)

#1 JS:Eval (size: 80)

HTTP Transactions (40)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers