placebonusextra.com/gb/tar/sur3box-650/15/
104.26.14.156301 Moved Permanently 438 B URL HTTP/1.1 placebonusextra.com/gb/tar/sur3box-650/15/
IP 104.26.14.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 03eb37f7a9c6c7e4d03468bf9bbb2bc6
b88673d62d51d84b371b59bd0f8bb664cee7b6d8
a2d83d5d587af2b26de7b887a53db4d3d413beaaf93153d143c65d0377b93398
Analyzer Verdict Alert fortinet Malware
GET /gb/tar/sur3box-650/15/ HTTP/1.1
Host: placebonusextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Feb 2023 18:55:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: http://placebonusextra.com/gb/tar/sur3box-650/15
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvBSiApOA5gEWSQFGwl5I%2F8rB%2FWSC%2BOQoWtPrnmjZFciDsrZ9v%2Bt%2FB%2Bts8vCOAvnye9wAQ1jNiG6WWnXwCpFPx2ulPBeP8hDQEeZO4U08i%2BtRVJyCfZTSuem1ALYBo8sXugtjnU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79c138326b35b52d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4229cfe19d214d22153fe5833a7b557a
2439958496306a257d266050b4313b9bac51c871
ddfa83afe45b77b508119ac50488a73c3c49a78fa7a64ad983bd4958e0c7a4f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDFA83AFE45B77B508119AC50488A73C3C49A78FA7A64AD983BD4958E0C7A4F9"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14668
Expires: Sun, 19 Feb 2023 23:00:23 GMT
Date: Sun, 19 Feb 2023 18:55:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50ffd49bee3840941f9fc33baca23aad
2ff715abc76ea138eff267a64f26eb2dc6365b4a
ff8709095d9b5a7d90ff10b31a6a9d2e071b42e215641d30dce6de6a782bffd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF8709095D9B5A7D90FF10B31A6A9D2E071B42E215641D30DCE6DE6A782BFFD6"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4013
Expires: Sun, 19 Feb 2023 20:02:48 GMT
Date: Sun, 19 Feb 2023 18:55:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Feb 2023 18:37:56 GMT
content-type: application/json
age: 1079
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5539e12eac82ed8486057f67e18231d3
866778ccdac94dbeff9bc217d4a057079ee71b2a
d82a876ba46480f2caa20e2112941bfb461bdb03e882949b347abb9e8006705f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82A876BA46480F2CAA20E2112941BFB461BDB03E882949B347ABB9E8006705F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3469
Expires: Sun, 19 Feb 2023 19:53:44 GMT
Date: Sun, 19 Feb 2023 18:55:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uN99NahJ4YGw1FylE6XB2UT6EJpnpQNpGTZDcM4w3MDtYyuTb0VqApQqqc9gkQibB71Zz6l1tIU=
x-amz-request-id: TNG4EH388PC1XRJG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Feb 2023 18:22:01 GMT
age: 2034
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Feb 2023 18:55:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
placebonusextra.com/gb/tar/sur3box-650/15
104.26.14.156302 Found 0 B URL HTTP/1.1 placebonusextra.com/gb/tar/sur3box-650/15
IP 104.26.14.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /gb/tar/sur3box-650/15 HTTP/1.1
Host: placebonusextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 19 Feb 2023 18:55:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc0967c6e1ee7c67145be5cde699367
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQoV%2BKXAYEnykSyekieabDI87yiexpZrUSbnywBP1jQdSqVsgFE0LCyvMVtVUp29G2ORXB665TEBFs0KWvZ8NQ42%2Bi8XOmdFKRor7RdwZTKOHXrPxc93hRof%2FMCNy%2BUDe2zxL4w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79c138348dfeb52d-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Feb 2023 18:20:33 GMT
age: 2123
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 432ab0ed0f34dabde757b0acdc378821
ee244a87e46ee8031b329034d2d54d1cdd76eb6c
18ea779da9a2a80b2ae603ca7cbcce21842347d295d61d0387685ead9d09e652
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18EA779DA9A2A80B2AE603CA7CBCCE21842347D295D61D0387685EAD9D09E652"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3237
Expires: Sun, 19 Feb 2023 19:49:53 GMT
Date: Sun, 19 Feb 2023 18:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ffe8651a83ebc937a53bf14c980c348e
8fe2f9219fbe52ee890533f94dd617da679050a4
96149e604ad1e11ab2b100b60e4605b7213f215b0a788506185def01954cb70f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96149E604AD1E11AB2B100B60E4605B7213F215B0A788506185DEF01954CB70F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8320
Expires: Sun, 19 Feb 2023 21:14:36 GMT
Date: Sun, 19 Feb 2023 18:55:56 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 432ab0ed0f34dabde757b0acdc378821
ee244a87e46ee8031b329034d2d54d1cdd76eb6c
18ea779da9a2a80b2ae603ca7cbcce21842347d295d61d0387685ead9d09e652
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18EA779DA9A2A80B2AE603CA7CBCCE21842347D295D61D0387685EAD9D09E652"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3237
Expires: Sun, 19 Feb 2023 19:49:53 GMT
Date: Sun, 19 Feb 2023 18:55:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a92b110b977efecf13f28bf629e42b27
23795518ca35585b7c9f076b2a51e6a0c70d6e15
225648ca8ac9067cc610500428ff2f36ba8f0550fa305740ba1aa22283e1a534
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1584
Cache-Control: max-age=171795
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 18:55:56 GMT
Etag: "63f2669f-118"
Expires: Tue, 21 Feb 2023 18:39:11 GMT
Last-Modified: Sun, 19 Feb 2023 18:12:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a92b110b977efecf13f28bf629e42b27
23795518ca35585b7c9f076b2a51e6a0c70d6e15
225648ca8ac9067cc610500428ff2f36ba8f0550fa305740ba1aa22283e1a534
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1584
Cache-Control: max-age=171795
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 18:55:56 GMT
Etag: "63f2669f-118"
Expires: Tue, 21 Feb 2023 18:39:11 GMT
Last-Modified: Sun, 19 Feb 2023 18:12:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 02ae7ffcb07df43fed50e5fa7b992ad7
3806f86e0489deb9bf474380af502d256517f7f6
5d4f784194893ac076088251ca826dbece851494627d972f0222935ac15db559
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5473
Cache-Control: max-age=89276
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 18:55:56 GMT
Etag: "63f11517-116"
Expires: Mon, 20 Feb 2023 19:43:52 GMT
Last-Modified: Sat, 18 Feb 2023 18:12:39 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Feb 2023 18:55:56 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1676832956.dop224.sk1.t,1676832956.cds001.sk1.hn,1676832956.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
151.101.129.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (65299)
Hash a5cbb97cf034dd181106adecdafe3035
5fca1af6c76dd3e609f7f92841e564df1281927a
5ae018daf5df2cd903f80162efbaa3e138e0ed47ff90a315f2e2c497dc88a890
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 19 Feb 2023 18:55:56 GMT
age: 22521600
x-served-by: cache-fra19162-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
151.101.129.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (65326)
Hash 849f3e827da80e4e4c6a8c49689f057d
035d81aaaf6da3ffa5ce241179a9e14d533e7a3b
9546dbb82c3facf833e4adb713ce7e57a34dd53f6b55697ef1e1877bdbd8bb73
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 19 Feb 2023 18:55:56 GMT
age: 13289731
x-served-by: cache-fra19147-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24100
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 5629d56ac1356ddc5789413dc708065d
618b31748cb265c189819a95ccecbc4027ed9f3d
ccc0c14d45209d2bb4596db52ee9a6e5d4cde72430aca063aef1d95ddd0dadeb
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 18:55:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A9EC1C76E5299D48F394E6DD360DB230DF0F9950"
Expires: Mon, 20 Feb 2023 06:00:00 GMT
Last-Modified: Sun, 19 Feb 2023 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2330
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79c1383a8cce1c0e-OSL
push.services.mozilla.com/
35.83.112.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.112.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FB8jS4ZAsUkhLBnLPh0Qzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /QRDveb29LaBCJl5UIFYKe2hQM8=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a92b110b977efecf13f28bf629e42b27
23795518ca35585b7c9f076b2a51e6a0c70d6e15
225648ca8ac9067cc610500428ff2f36ba8f0550fa305740ba1aa22283e1a534
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170211
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 18:55:56 GMT
Etag: "63f2669f-118"
Expires: Tue, 21 Feb 2023 18:12:47 GMT
Last-Modified: Sun, 19 Feb 2023 18:12:47 GMT
Server: nginx
Content-Length: 280
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9a1a38094a88c8a4363e1ea7caf4949d
ba2d4bec80b78fe8425bbd74c7200244e99170ee
12f980c6ce3e9bac3a24103d1b4c0a099db64df082c532ecece30b073e44b22d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12F980C6CE3E9BAC3A24103D1B4C0A099DB64DF082C532ECECE30B073E44B22D"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=325
Expires: Sun, 19 Feb 2023 19:01:21 GMT
Date: Sun, 19 Feb 2023 18:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3642cc9d9c9275a3c9aaabfc12bc0c03
33f6178e4c0a74829e7771e4e07f5ebb5487efaa
155ee91e492ac543336704b6a8487e661fe5c952f1013ff0e1471077654cd037
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "155EE91E492AC543336704B6A8487E661FE5C952F1013FF0E1471077654CD037"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12343
Expires: Sun, 19 Feb 2023 22:21:39 GMT
Date: Sun, 19 Feb 2023 18:55:56 GMT
Connection: keep-alive
beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest
139.45.197.250502 Bad Gateway 150 B URL HTTP/2 beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest
IP 139.45.197.250:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2b027182dd680c922c2045072dad573c
56174f4e4b971b7b25f06b65f6c299d028ec3f14
61b30d408583991fd69f3dec694e154cb652471e663328ad9c8482c9021ab5db
POST /zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 502 Bad Gateway
server: nginx
date: Sun, 19 Feb 2023 18:55:56 GMT
content-type: text/html
content-length: 150
X-Firefox-Spdy: h2
matomo.topworldstats.com/matomo.php?action_name=&idsite=2&rec=1&r=201745&h=18&m=55&s=56&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc0967c6e1ee7c67145be5cde699367&_id=80ccce102deff318&_idn=1&send_image=0&_rcn=ThIg&_refts=1676832957&cookie=1&res=1280x1024&pv_id=9ZLel9&pf_net=151&pf_srv=234&pf_tfr=2&pf_dm1=214&uadata=%7B%7D
104.26.9.40204 No Content 0 B URL HTTP/2 matomo.topworldstats.com/matomo.php?action_name=&idsite=2&rec=1&r=201745&h=18&m=55&s=56&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc0967c6e1ee7c67145be5cde699367&_id=80ccce102deff318&_idn=1&send_image=0&_rcn=ThIg&_refts=1676832957&cookie=1&res=1280x1024&pv_id=9ZLel9&pf_net=151&pf_srv=234&pf_tfr=2&pf_dm1=214&uadata=%7B%7D
IP 104.26.9.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=&idsite=2&rec=1&r=201745&h=18&m=55&s=56&url=https%3A%2F%2Fwildfungames.com%2Fland%2Frou%3Fcampaign%3DThIg%26utm_campaign%3DThIg%26web%3D1%26tcode%3Dplc0967c6e1ee7c67145be5cde699367&_id=80ccce102deff318&_idn=1&send_image=0&_rcn=ThIg&_refts=1676832957&cookie=1&res=1280x1024&pv_id=9ZLel9&pf_net=151&pf_srv=234&pf_tfr=2&pf_dm1=214&uadata=%7B%7D HTTP/1.1
Host: matomo.topworldstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 19 Feb 2023 18:55:56 GMT
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW27%2BWqeKZhz6nbjA2QW91AyLdVdcoAdXh84j51ilKJu3k4Zl%2Br69QnrNI8wjQ5qTSLAxg80vOGzpoo5%2BF7AgNEfhCfoPmEkkgC4%2BAY6Sl2vgfe6OerI725MYAvjaXYK%2FFk%2BZjgkQHLJEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79c1383bbe6fb4f1-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 517d5d39154208d06675862996f2a78a
2dcfe23611fe04343afacde3b4a23a10f385a79a
9346961872cee9e8714dc306246e81af5c2225a0895b43c28616e343da705156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9346961872CEE9E8714DC306246E81AF5C2225A0895B43C28616E343DA705156"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17851
Expires: Sun, 19 Feb 2023 23:53:28 GMT
Date: Sun, 19 Feb 2023 18:55:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 517d5d39154208d06675862996f2a78a
2dcfe23611fe04343afacde3b4a23a10f385a79a
9346961872cee9e8714dc306246e81af5c2225a0895b43c28616e343da705156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9346961872CEE9E8714DC306246E81AF5C2225A0895B43C28616E343DA705156"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17851
Expires: Sun, 19 Feb 2023 23:53:28 GMT
Date: Sun, 19 Feb 2023 18:55:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 517d5d39154208d06675862996f2a78a
2dcfe23611fe04343afacde3b4a23a10f385a79a
9346961872cee9e8714dc306246e81af5c2225a0895b43c28616e343da705156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9346961872CEE9E8714DC306246E81AF5C2225A0895B43C28616E343DA705156"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17851
Expires: Sun, 19 Feb 2023 23:53:28 GMT
Date: Sun, 19 Feb 2023 18:55:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 517d5d39154208d06675862996f2a78a
2dcfe23611fe04343afacde3b4a23a10f385a79a
9346961872cee9e8714dc306246e81af5c2225a0895b43c28616e343da705156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9346961872CEE9E8714DC306246E81AF5C2225A0895B43C28616E343DA705156"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17851
Expires: Sun, 19 Feb 2023 23:53:28 GMT
Date: Sun, 19 Feb 2023 18:55:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f46c7b5-bf76-45bb-8341-3eb14d69822e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f46c7b5-bf76-45bb-8341-3eb14d69822e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35b6416a1ce02ea0952e67b87a2e744d
0d21f4f4f51aa9dfa898c56cf7f38bcd7839cf5a
7b2a6446465642266d346d63ad0f6e4219463ec26b2cc12e4e9843b7420d7e95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f46c7b5-bf76-45bb-8341-3eb14d69822e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8094
x-amzn-requestid: e653cf58-ae49-40a3-bfdd-f9bbb0b19593
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AeLpVGCHoAMFVkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ef263b-50a90d9333d3786047d94b6b;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 07:01:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Sl5rbaBFAJWJJfLpwTLAoQghvc9YtIIfAEYdu6VBQHeqWAZQXJt51Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 07:45:19 GMT
age: 40238
etag: "0d21f4f4f51aa9dfa898c56cf7f38bcd7839cf5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e3504d1bb5666742be1c517a3f37cf5
836e210c950580457069683ffbc97251f41305aa
25257c169059eb32b7731ef5ef12e9230b16c37b32d098873a40dfae2b8d03e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4806
x-amzn-requestid: ac46f90a-f995-4b37-a731-dbbb13eb3f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfUkFQfoAMFsIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145b6-3e52cb8a4cd4f1b44adad049;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECq2eRRZfHh30j5XqlshcMpWAp23VowbeI5BPIbTnniab706vlqPNA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:54:29 GMT
age: 75688
etag: "836e210c950580457069683ffbc97251f41305aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 11:24:35 GMT
age: 27082
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b9d8b33f5612e1bf93f6736973766d8
220ce699083537964b1bb8859c4d94ee47f04213
a102991c1ecd60a483f083b72096dd4fccbdf68951f2c453fbf849954ebdc9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8118
x-amzn-requestid: 7a6bad9e-f7de-48ff-a7b6-812f265fe8af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjffAExyIAMF9DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145f9-4efc5e4622fb1d482f0c4663;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 579r7yXBoSk1W50bPxCF8A2r31obx025ohBk3ltpxb1i5eRYEEv-ug==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:54:28 GMT
etag: "220ce699083537964b1bb8859c4d94ee47f04213"
content-type: image/jpeg
age: 75689
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f08137c-036d-495e-8806-ea2813f0c6b9.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f08137c-036d-495e-8806-ea2813f0c6b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b1573a58278ff85689704e2322606fa
b9850e9ff1801069645f59d6cc8612ea4069186e
c9791366dc55e24124c696544f8fe4fcdee17e0c5a0971c9dbf8c248a7d10ab6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f08137c-036d-495e-8806-ea2813f0c6b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: f95f5bf3-07a3-4bcb-a51e-ab563b69092d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AdoboEhtoAMFYsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eeede3-386836391408d1117d0f7a43;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 03:00:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tmkCikaQTQI258qNQZfp0OWNnUkyd7bxGfYUmPfX0AQuUCKRwbez2g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 04:03:42 GMT
age: 53535
etag: "b9850e9ff1801069645f59d6cc8612ea4069186e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e69d793b99a3580240403d04ac2aa684
4d27074ad95bd4bde2fb79f4b2ecb11434b3c8c8
3ead4940dbccbae1663545f603abf717d3e27726469bbf6939a18cd9c74bbc8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11525
x-amzn-requestid: 6976315f-a5c5-4268-ba27-ee4407b86407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AgMITFBioAMFweg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eff3ce-0b750d8e643e823042d5cf88;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 21:38:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: px53T--ho93lHQ9yC5x1iJrO7REbkzlowQwH1V1T8BVasLyT9yCL1Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:56:13 GMT
age: 75584
etag: "4d27074ad95bd4bde2fb79f4b2ecb11434b3c8c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
139.45.197.250200 OK 0 B URL HTTP/2 beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
IP 139.45.197.250:0
GET /pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Feb 2023 18:55:56 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:43 GMT
etag: W/"63e2610b-a083"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc0967c6e1ee7c67145be5cde699367
172.67.70.29200 OK 0 B URL HTTP/2 wildfungames.com/land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc0967c6e1ee7c67145be5cde699367
IP 172.67.70.29:0
GET /land/rou?campaign=ThIg&utm_campaign=ThIg&web=1&tcode=plc0967c6e1ee7c67145be5cde699367 HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 19 Feb 2023 18:55:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWzVbqSLrOsEqnIFfpFlD56X3SjtIIk%2Fhxx2w3k5pI7U1dsyljlbFpEEPpE5FCcgxYzAu52eesLie0px3KWTgDOWhjU%2BO7fCVwK3DGVMCr4JASvRtzAxk8zK%2FAHQD6UCJ1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79c13837dc1ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
matomo.topworldstats.com/matomo.js
104.26.9.40200 OK 0 B URL HTTP/2 matomo.topworldstats.com/matomo.js
IP 104.26.9.40:0
GET /matomo.js HTTP/1.1
Host: matomo.topworldstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Feb 2023 18:55:56 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 07:59:52 GMT
etag: W/"63e0b378-10132"
expires: Sun, 19 Feb 2023 19:44:32 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1UyMx%2BP8MWZJZqTTRz70Y9eavQlVYs5pza7MDYdWm5CPrE%2BTZm2go1sN7pycZ%2BR0g6TFHRU2w%2Fcqc6YoIICE71YUMRqjUJHqfa6SjemUec4Es4c6cIBndvdaa%2BvfP8xO0CLho9alGHfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c1383b8e0ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2