Report - giftchequecenter.com/cl/tar/sur3box-350/196

Report Overview

Submitted URL
giftchequecenter.com/cl/tar/sur3box-350/196
IP
104.26.4.102
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-26 15:27:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.34.135.140
beevakum.net	156073	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	946 B	25 kB	139.45.197.250
wildfungames.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531 B	644 B	104.26.4.134
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	31 kB	69.16.175.42
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	3.2 kB	104.18.20.226
giftchequecenter.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	709 B	104.26.4.102
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	3.8 kB	93.184.220.29
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	23 kB	151.101.193.229
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	53 kB	34.120.237.76
matomo.topworldstats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	104.26.8.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-26	medium	giftchequecenter.com/cl/tar/sur3box-350/196	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be	291 B	2023-03-13	2023-04-05
Pretty URL wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be IP 104.26.4.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:19:02 Last Seen2023-04-05 02:10:09 Times Seen206 Hash 86902d5fd7cb62edafb40b97362a89ef 3a1fb010f11fafede6096b1b53d494eb4db095d4 d314846a4547c237a80dd4aee1e6d1d7e6b6c881aa94cda007896d95ebcb8a51 Loading...

	cdn.wildfungames.com/land/rou/js2/confetti.js?v=1	6.6 kB	2023-03-07	2023-05-30
Pretty URL cdn.wildfungames.com/land/rou/js2/confetti.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2023-05-30 00:37:20 Times Seen366 Hash 594e7bd784c66babe7dd35e2cf498f14 88ecedc9e7685f09b8233c8b093923e68efe77d9 f74a1f085b5583dff6b8dd38c1ccc746a8a572bffec38794a5199c5a3f9eda5b Loading...

	wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be	563 B	2023-03-13	2023-03-14
Pretty URL wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be IP 104.26.4.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:50:10 Last Seen2023-03-14 15:58:57 Times Seen1 Hash 6099be1ffcd6836fb2fef6b807c9ce04 642996775bd3bf506cf707e3884d4cf4d4c428bf 8ca10626f74f1612f30f1cd5b44a3e42b0e2ed6753063e35f6ec1e72e73a9d1c Loading...

	wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be	549 B	2023-03-08	2023-03-14
Pretty URL wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be IP 104.26.4.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:46:12 Last Seen2023-03-14 15:58:57 Times Seen1 Hash 1769985757c5dc7784542e78d3e38968 4c39d484984756169d160400bae652e613e5324b 3537039e9fef16223486a4d70d1b8c51ec79bd2a83c49a0f0a13829c6e549d4f Loading...

	wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be	116 B	2023-03-14	2023-03-14
Pretty URL wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be IP 104.26.4.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 12:20:12 Last Seen2023-03-14 12:20:12 Times Seen1 Hash ab2528cdcd594b4361108b4f405064d0 265fd316f3f5719244e290404dba4654ef17cf0c 3fd5ea8c205a189a5566f7e7f9e44035dadacfb89ec81f2198c2ac721513ef6b Loading...

	cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1	3.7 kB	2023-03-13	2023-05-30
Pretty URL cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:19:02 Last Seen2023-05-30 00:37:20 Times Seen362 Hash 93ae375d5794d7efc5759847e616b870 f1067f7ea66321bc67d64a358b6f962318d0bc73 f55eabc1f0e0d170720f84fe5f9ed2877503b5ca9487e02a81ebc8fb873ab2d1 Loading...

	cdn.wildfungames.com/land/rou/js2/default1.js?v=1.1	2.5 kB	2023-03-13	2023-05-14
Pretty URL cdn.wildfungames.com/land/rou/js2/default1.js?v=1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:36:32 Last Seen2023-05-14 06:23:55 Times Seen3 Hash 025ba0ded10817bba66f362f11dcdf0b b6aa1e7abfa7358471fb01e0a988f0ff0b260231 996d0cb0fa5b058ac6a72a70519bff8d283729662f3c75b0449da53024680646 Loading...

	matomo.topworldstats.com/matomo.js	66 kB	2023-03-08	2024-04-26
Pretty URL matomo.topworldstats.com/matomo.js IP 104.26.8.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:51:14 Last Seen2024-04-26 19:55:54 Times Seen8077 Hash a3a7245d6daf7d31d2069c0ba05879dd ec1bf464889e71aec1ced6d8361a26c76e4a1460 d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Loading...

	beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js	41 kB	2023-03-14	2023-03-26
Pretty URL beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:49:38 Last Seen2023-03-26 09:47:53 Times Seen2 Hash 884b885fc13ae93e2cbd2b467e66e411 6a0120728542941b956607c202bece49a80a1b7e 2ebdbd8eb2c4bdcc6740825252a25e2e0c78ed44466462bb4d94d1d354f170c3 Loading...

	cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1	11 kB	2023-03-07	2023-05-30
Pretty URL cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2023-05-30 00:37:20 Times Seen488 Hash 20ff2d103a051f36069225e9bb9c87c0 eda19b305872d407fc62cb8d469d7a29b8b7b857 74c66b1c99c8c71ceb2bee5c74748060d22a2998389e7b4dd1080796252c0131 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 23:17:37 Times Seen37104456 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 15:16:07 Times Seen5286 Hash f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Loading...

	wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be	103 B	2023-03-14	2023-03-14
Pretty URL wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be IP 104.26.4.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 12:20:12 Last Seen2023-03-14 12:20:12 Times Seen1 Hash f325654cb27455cd7dc0f41cc1de6afe 24cf5f3cd7c3b6e5f13ce105f0ff8457f906eedc b5e809db770bae3dc0fbf7aabd207c30e071a934fe8d1116cc161da8855545bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - e8f1be2af61ce223848317aa2b3d930e	80 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 12:20:12 Last Seen2023-03-14 12:20:12 Times Seen1 Hash e8f1be2af61ce223848317aa2b3d930e dc71af170d6f923cbd770af95febb0fc3cd94249 30556884db2aa2b7036d01b764d43bdfe3d6f28aaa66214551f1952d6a9830aa Loading...

HTTP Transactions (32)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8083775b7a6637d27672cc4a2581fa2d
023420d026fbf2cd0f69d5606524094011375202
66664ed1d36948fe99498950e3525d03c1797689c9186c4cd0bd5ded531b3bac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66664ED1D36948FE99498950E3525D03C1797689C9186C4CD0BD5DED531B3BAC"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10871
Expires: Sun, 26 Feb 2023 18:28:07 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc3cacbc6c565bf2955b507302b8fb41
7b773e19aff1d4904cec328c456513e80f917ba4
b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13634
Expires: Sun, 26 Feb 2023 19:14:10 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Feb 2023 15:12:33 GMT
content-type: application/json
age: 863
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
955732a866f4168dcaaa1dbcfb06e776
24161b6d53bbf84abc87c943f67daadd7fbcc9f4
ac3d306cc00fcafe5d6fadd5bc1c4398ca87dec499fd0e4ffe60d0e1c3535578

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC3D306CC00FCAFE5D6FADD5BC1C4398CA87DEC499FD0E4FFE60D0E1C3535578"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18387
Expires: Sun, 26 Feb 2023 20:33:23 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bDsmu9gGFfAXEeRh08LSgnKOeIRIQYYWONBFaoBrgfVGSeTlpXuKmXjsxkvOTLzAbHl9pFqgmi0=
x-amz-request-id: 4G8ZRCXXD4B6DYNP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Feb 2023 14:31:26 GMT
age: 3330
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 15:26:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

giftchequecenter.com/cl/tar/sur3box-350/196

104.26.4.102

302 Found

0 B

URL HTTP/1.1
giftchequecenter.com/cl/tar/sur3box-350/196
IP
104.26.4.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cl/tar/sur3box-350/196 HTTP/1.1
Host: giftchequecenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sun, 26 Feb 2023 15:26:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iib7qZFp%2BnjTDGub3G7rLNK9EUFzN1I1X9sWNTktiZpb2bKjLPl5nwEzOdI6%2Fc%2F7qVBJyFVH1%2BpCEK%2F%2B1QQ4xef3qcOGdOCTOOgDUAfWmImLodK2I20lI33WCntO%2F5vOHLvw4A2Q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79f9b3aefd090b59-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
88402d00dbe5e5188b9c52ad6716700e
2609cc96c2ab54587ae5fffbd2bf623f74e0c4db
d97216d6e719b7e0a42b185c7b0bec0a8c1e9c105f4398ec8eb5a61f22dd47d2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D97216D6E719B7E0A42B185C7B0BEC0A8C1E9C105F4398EC8EB5A61F22DD47D2"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16732
Expires: Sun, 26 Feb 2023 20:05:48 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Feb 2023 15:12:23 GMT
age: 873
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b1d73c7d1e3e594a7be10b7ac62176ac
46105f3b581c409f00524674825c08343e4d71d1
7b31674705946d30e1822ddca8008520258d81a32cb11fadeded012dac2b0d13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B31674705946D30E1822DDCA8008520258D81A32CB11FADEDED012DAC2B0D13"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17436
Expires: Sun, 26 Feb 2023 20:17:32 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
88402d00dbe5e5188b9c52ad6716700e
2609cc96c2ab54587ae5fffbd2bf623f74e0c4db
d97216d6e719b7e0a42b185c7b0bec0a8c1e9c105f4398ec8eb5a61f22dd47d2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D97216D6E719B7E0A42B185C7B0BEC0A8C1E9C105F4398EC8EB5A61F22DD47D2"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16732
Expires: Sun, 26 Feb 2023 20:05:48 GMT
Date: Sun, 26 Feb 2023 15:26:56 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

1.0 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.0 kB (1027 bytes)
Hash
c9508dbea017d90b8ac954b50127282c
b097ef160be0ab5d2ee57920754d800b92f6d5d8
219e32e0f68ef62e743851138dbd6d879c3f8c628689af1adb3caecadc41f1cd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3610
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 15:26:56 GMT
Last-Modified: Sun, 26 Feb 2023 14:26:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 26 Feb 2023 15:26:56 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1677425216.dop211.sk1.t,1677425216.cds020.sk1.hn,1677425216.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

22 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65299)
Size
22 kB (21830 bytes)
Hash
a5cbb97cf034dd181106adecdafe3035
5fca1af6c76dd3e609f7f92841e564df1281927a
5ae018daf5df2cd903f80162efbaa3e138e0ed47ff90a315f2e2c497dc88a890

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 26 Feb 2023 15:26:56 GMT
age: 371178
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
25b760b43761a6e612a5326ad695b3d8
a5fd1e47127d6826310e71c458213b3309928b66
6a24a8868146f9758f2d144dbe36b30afd212c26026e9f168a0c64409cff8680

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6337
Cache-Control: max-age=102692
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 15:26:56 GMT
Etag: "63fa4fa3-117"
Expires: Mon, 27 Feb 2023 19:58:28 GMT
Last-Modified: Sat, 25 Feb 2023 18:12:51 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 279

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

2.7 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.7 kB (2710 bytes)
Hash
b40ebb15e10ca8f6ce0d78ea2013c244
be6db0b0aefa44da656ef1d9a32529fba4e7be40
af5967769c41f18562158fd07c9560c4addb2981113e1b5930dd875bbf11640a

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 26 Feb 2023 15:26:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "30B99FD6C7D1E71DD8A92B7F1A1888C1D74E6B37"
Expires: Mon, 27 Feb 2023 01:00:00 GMT
Last-Modified: Sun, 26 Feb 2023 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3093
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79f9b3b61c630b59-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
428e53f089c922e1e8258c4f34090dff
97d9ff3972de0ea70ff23a516bc33be02b3aab98
6d434bdac9b1afe8f1f20b972f9b33c9a3b7ca9524a65079ba7bf2c18ecc086c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6D434BDAC9B1AFE8F1F20B972F9B33C9A3B7CA9524A65079BA7BF2C18ECC086C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7128
Expires: Sun, 26 Feb 2023 17:25:45 GMT
Date: Sun, 26 Feb 2023 15:26:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2477ab7303ec83a0397eb5198fc958d4
5f0f6f0ef8400912c071d4c15bef3c54b11575cf
b7787b5e86dd4c5d2dd3869c3a36c1fb9f22c53cbfa5264c62ea639e48f88065

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7787B5E86DD4C5D2DD3869C3A36C1FB9F22C53CBFA5264C62EA639E48F88065"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9372
Expires: Sun, 26 Feb 2023 18:03:09 GMT
Date: Sun, 26 Feb 2023 15:26:57 GMT
Connection: keep-alive

push.services.mozilla.com/

52.34.135.140

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.34.135.140:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XdyCQKUD3/1zJknM79IOtw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fgc9IpHaYrABb7awzS9wjY4WpiQ=

ocsp.digicert.com/

93.184.220.29

200 OK

1.6 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.6 kB (1639 bytes)
Hash
ac4ec7773527029b79c92ccfc19f5643
c1a630c428dbc564e8496ed246ae8b603900d625
a676624d7b1377ce33dea5caa10e33437edce5755abcb516c9660ee427be45b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96354
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 15:26:57 GMT
Etag: "63fa4fa3-117"
Expires: Mon, 27 Feb 2023 18:12:51 GMT
Last-Modified: Sat, 25 Feb 2023 18:12:51 GMT
Server: nginx
Content-Length: 279

beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest

139.45.197.250

200 OK

0 B

URL HTTP/2
beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 15:26:57 GMT
content-length: 0
x-trace-id: 0bd9215495684a16aa1f3db4fd3a5bd0
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

matomo.topworldstats.com/matomo.php?action_name=&idsite=2&rec=1&r=462418&h=15&m=28&s=32&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc07098a1ef606edd4f5779cdb9c3be&_id=4330e224ac706718&_idn=1&send_image=0&_rcn=ThIg&_refts=1677425312&cookie=1&res=1280x1024&pv_id=AiMXWN&pf_net=147&pf_srv=307&pf_tfr=1&pf_dm1=220&uadata=%7B%7D

104.26.8.40

204 No Content

0 B

URL HTTP/2
matomo.topworldstats.com/matomo.php?action_name=&idsite=2&rec=1&r=462418&h=15&m=28&s=32&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc07098a1ef606edd4f5779cdb9c3be&_id=4330e224ac706718&_idn=1&send_image=0&_rcn=ThIg&_refts=1677425312&cookie=1&res=1280x1024&pv_id=AiMXWN&pf_net=147&pf_srv=307&pf_tfr=1&pf_dm1=220&uadata=%7B%7D
IP
104.26.8.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=&idsite=2&rec=1&r=462418&h=15&m=28&s=32&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc07098a1ef606edd4f5779cdb9c3be&_id=4330e224ac706718&_idn=1&send_image=0&_rcn=ThIg&_refts=1677425312&cookie=1&res=1280x1024&pv_id=AiMXWN&pf_net=147&pf_srv=307&pf_tfr=1&pf_dm1=220&uadata=%7B%7D HTTP/1.1
Host: matomo.topworldstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 26 Feb 2023 15:26:57 GMT
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78GUIIeAgihIMAXNlGubMlyoLwZ74%2FKq3x0GUm1inA2%2Blpat%2FBhdJpx%2Bn0UeGvuuT3PDoEbInZGGaDwdBVlv3G3cm%2BCGnjNPhZQPIc4xKHTmBu5n1SQ2Xn7nADyTSau4AaQPTzHHgpPYZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79f9b3b6c8251c12-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6617
Expires: Sun, 26 Feb 2023 17:17:15 GMT
Date: Sun, 26 Feb 2023 15:26:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6617
Expires: Sun, 26 Feb 2023 17:17:15 GMT
Date: Sun, 26 Feb 2023 15:26:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12088 bytes)
Hash
fc698b1dd0ccb5bc3621d9d45ec217bb
48e953f7189e8b37a933f3fb6be24c67d308484b
130160ed336a6e4927417e094ec79639bbea7538313f780175f8a5b5e9095009

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12088
x-amzn-requestid: 056c9afd-4245-4aef-8797-74ded6964bc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6k9sFMloAMFveQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa81f0-3aa24f1313f08f236ff37a15;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:47:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JBdW8aVlVX4Jj7ZNVwqMBirmlG6bBfZyut_ITqLsPqK_l989XHBdsw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:56:41 GMT
age: 63017
etag: "48e953f7189e8b37a933f3fb6be24c67d308484b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8170 bytes)
Hash
32d08a3dc7c1e88313f487d74babdfe5
12f4693c36cb8980a5c740b735b7cf64542734e4
ae717a6760a0a6c179b950643eb3590c0ab5ec6cf159061246c6e8fc38a7ae89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: bd3ecc5c-1efc-4589-8789-48693fbfa6d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i2sGKkIAMFXtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e90-7acdeb5b05f8bcf726309125;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: OIer9IgcIIbMg6EdrYFpojiEtN5oxPBijKFbX4UzURWTKha09i8NcQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:02:59 GMT
age: 62639
etag: "12f4693c36cb8980a5c740b735b7cf64542734e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97a100f5-572c-40d6-8b55-faec200f25c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5874 bytes)
Hash
c25f9df9d87b9608ccf4f6fdfca5cfcc
449d8e8ed8fef5b707c097c9c5be34cee081a2c8
a8f8b1e6800092e64e3f43fe73a6ed8dcaed508f28a0fd07ceb54e5e345a424c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97a100f5-572c-40d6-8b55-faec200f25c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5874
x-amzn-requestid: 957565fc-c05c-42f5-9f41-bb61e61513df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6iywGvLIAMFvLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e77-18faffe055ae704c18454ba3;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:32:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: iKjIei0cigPNclW1du7fEmNVIPLn_5ah3gxc5PplqSwXJstUNm-UvA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:20:34 GMT
age: 61584
etag: "449d8e8ed8fef5b707c097c9c5be34cee081a2c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9dec12-5dfe-426d-81c1-b448af7d92a4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (12783 bytes)
Hash
06577a5577a501e3c6966ec5d920fe05
f4b164fc990e02ff85067660c156d9db6ed1d121
dc5cd125cb93669e14abee16e2fc4dfbd5164e739aa3f7124ca8e5c91fda6c0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9dec12-5dfe-426d-81c1-b448af7d92a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10922
x-amzn-requestid: 7570e40d-8924-4bec-bbfa-ec21196d61fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6k-VGr4oAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa81f5-778dfbbb6c0aeadb56585d14;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GQb4lWWejrVf_EftwWNniDxI8UAEd_rgPvmsbqXMMJ9ZPNjt4ThX0A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:15:35 GMT
age: 61883
etag: "d4cb67ae7d5eebe92b5149b56123b792c62bf916"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js

139.45.197.250

200 OK

25 kB

URL HTTP/2
beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
25 kB (24747 bytes)
Hash
816faa7c7bc1a4a0ad7a654b9d199ee7
abc41f6207be6245c22356a50e1376f01840332d
971824aeda6f40c21e0250f7214471e938e7eaf92d88ab2b43bc8a6b09b5066d

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 15:26:57 GMT
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 17:09:26 GMT
etag: W/"63f3a946-a115"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9093 bytes)
Hash
2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8s54RJtScNtsl6uEFtBEHnTj4lb3l5xIWR96Kvr_SdwQQQMgSKNxA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:34:59 GMT
age: 64319
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be

104.26.4.134

200 OK

0 B

URL HTTP/2
wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be
IP
104.26.4.134:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc07098a1ef606edd4f5779cdb9c3be HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 26 Feb 2023 15:26:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPBkYRbmKyZ7rap940l1hX%2BQ7%2FZbGAjrUzJwAVTiqHkY9nJv1AAlstNpOfQYDUVPWqPqt9Ty8DqsKIN7YdaKo7dwjZXj6Ud0Mjbuiug9esICdrIGdoPFVjZAf1jHtDim8m4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79f9b3b2fa07b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

matomo.topworldstats.com/matomo.js

104.26.8.40

200 OK

0 B

URL HTTP/2
matomo.topworldstats.com/matomo.js
IP
104.26.8.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /matomo.js HTTP/1.1
Host: matomo.topworldstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 26 Feb 2023 15:26:57 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 07:59:52 GMT
etag: W/"63e0b378-10132"
expires: Sun, 26 Feb 2023 16:15:29 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 688
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEcdnvg6FvLWJzNqDCDReQ0dzlix%2ByfY82Z5SAfrgOJxsYDYRFWjhZnkB2GUqiPT6V6P4T7nifs0APCwbTMC00SJ6vBPefle2YBPy5FCPsx8PKj8JTKfYvQAxG4kjcHhTG2wIEc1a93Y5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79f9b3b68ff41c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML