primeonlinesites.com/cl/tar/sur3box-350/196/a/supermarket
104.26.10.157302 Found 0 B URL User Request GET HTTP/1.1 primeonlinesites.com/cl/tar/sur3box-350/196/a/supermarket
IP 104.26.10.157:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /cl/tar/sur3box-350/196/a/supermarket HTTP/1.1
Host: primeonlinesites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 04 May 2023 22:57:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhHIb4zduYS6doTjaYWp9ShhjRmsiDEQQ%2FF%2F74ljLiGoukSBg6gSltG16UA6iwR0jn7lwndXr%2Fvnkk8BGZ84EZ3F60jM4V1%2B53a2WXHJ42N6GvJNbgNMyi3suovvuQXZD2mWIUBH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c2457d818cab505-OSL
alt-svc: h2=":443"; ma=60
wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
104.26.4.134200 OK 32 kB URL User Request GET HTTP/2 wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
IP 104.26.4.134:443
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1287)
Hash 8483dde75b4829013601374475086468
cbe130e38eac651e8a98de874a28b3ff29cb990d
09912e4fe0d287ec8264a04e12e3043d3dd6d880afe307b5f0d78130cada962f
GET /land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode= HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NA%2FqshQSvK9labzDdR1SRHHIt6O7u3Ua0YApYCfSM%2BnWJckhGLdjDJAf59bBqv9K8EropEnsmV6UNFLLlE%2BctdvYzlaAT3aQeSnRmSkf5o1Ufz6Tj7o1iskOjJBHQfN7qxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457dbedb11c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
185.244.209.62200 OK 53 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 185.244.209.62:443
ASN #58286 Electric-IT Business S.R.L.
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65299)
Hash 9d979d4e9d22757896adc70f7a39ad1e
177f763cc4b801b82d635887441b21ebf7969396
73a88d563941f772536dc5e30a5f2c76589958438a40234200fb34b8c42c2f61
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-04-28T12:25:42+00:00, 2023-04-28T12:27:35+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/banners/functions.js?v=1
104.26.4.134200 OK 14 kB URL GET HTTP/3 cdn.wildfungames.com/land/banners/functions.js?v=1
IP 104.26.4.134:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
Hash de29b17c9ded739c85af3cea3add8ebe
7b5bdfc86900198168ff6dfa7bb57a71feca1127
262edd03e1ba34383d6f35ec4306fd07aff5cb8c5334dbc47b8f1c7fc7589ab0
Analyzer Verdict Alert fortinet Malware
GET /land/banners/functions.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 04 May 2023 22:57:31 GMT
content-type: application/javascript
etag: W/"4a02b51b59e7ed04f4612597ddf601d3"
last-modified: Fri, 27 Jan 2023 19:45:28 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4976
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp%2FvWKp%2BOWTGAC2WYyqTYJ96yt%2BwC8uHefRYw2zL2ExY7KJg73vu2O%2BNYTbyirEjt22S5d4KUca55OOWc7zwuW1eSZdTxsFWvN3WWwn3ncj64%2F4VZ%2BBaj1RY6hBThVGTJR8r6B%2Fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457deea160b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
gauvaiho.net/zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=settings
139.45.197.251200 OK 936 B URL GET HTTP/2 gauvaiho.net/zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=settings
IP 139.45.197.251:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectgauvaiho.net
Fingerprint48:F2:59:24:62:D2:38:17:BE:F0:80:94:87:94:4B:7D:CB:39:2D:D2
ValidityThu, 16 Mar 2023 06:02:59 GMT - Wed, 14 Jun 2023 06:02:58 GMT
File type JSON data\012- , ASCII text, with very long lines (935)
Hash ddb9d19af2b96fd4e79625280c094d0e
ccb5fd741d9212052b46cb0f507e07c9ca51afa9
393b7812be5a059ed84e5f974c364037991b2db426ea5dd6d506f2a825dc215b
GET /zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=settings HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wildfungames.com/
Origin: https://wildfungames.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:37 GMT
content-type: application/json; charset=utf-8
content-length: 936
x-trace-id: b6c0feecf7c0eef951ff7ff026e41ca8
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4681922&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4681922&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint74:B2:31:E9:6E:77:8E:33:B3:9D:61:F0:29:AA:AA:21:BB:5E:45:12
ValidityWed, 15 Feb 2023 21:34:45 GMT - Tue, 16 May 2023 21:34:44 GMT
File type JSON data\012- , ASCII text
Hash 221d5bcb12dc6757a8a916dcce23c297
9f1c36cd9a4deb45e4efd73546646377c97562a9
492f7fa49c680dfbd80188283ab32dc8a7b24973c8d0669715c83716cb9b4e63
GET /gid.js?pub=0&userId=&zoneId=4681922&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wildfungames.com/
Origin: https://wildfungames.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://wildfungames.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=98d849b3595d4c37926a6faa491a4eb7; expires=Fri, 03 May 2024 22:57:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7deea0368b
172.64.101.10200 OK 60 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7deea0368b
IP 172.64.101.10:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wildfungames.com/
Origin: https://wildfungames.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2fd5d152db49e7b3ce1bd22b698f97ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C1
x-amz-cf-id: QdIQROhXAI_peZx-fUEEPoz0tYWaOt0vS0gpik4Inmfxjj0IeYwJnA==
age: 1821936
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMi2xqilDzG0UEUdpdUV1OEgTxB2IRmvOD5NINdMtZZRZXm4fInhFKBz5PiDQGDGzVbmOXY%2FlEiE21cWQ3vpE6SJsYkaAqJm8jKY8lXa07qhTwO7Tibav9RdeMqEdp3YiSAzoG8zIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457e0df2b3868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
185.244.209.62200 OK 161 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 185.244.209.62:443
ASN #58286 Electric-IT Business S.R.L.
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65326)
Size 161 kB (161409 bytes)
Hash d432e4222814b62dd30c9513dcc29440
2cac4afc120983921411296bd4e8fd8a94ba237e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:32 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-04-28T12:25:42+00:00, 2023-04-28T12:28:30+00:00
x-id: am3-up-gc88, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42200 OK 90 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1683241052.dop220.sk1.t,1683241052.cds208.sk1.hn,1683241052.cds210.sk1.c
X-Firefox-Spdy: h2
gauvaiho.net/pfe/current/micro.tag.min.js?z=4681922&sw=/sw-check-permissions-7c336.js
139.45.197.251200 OK 42 kB URL GET HTTP/2 gauvaiho.net/pfe/current/micro.tag.min.js?z=4681922&sw=/sw-check-permissions-7c336.js
IP 139.45.197.251:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectgauvaiho.net
Fingerprint48:F2:59:24:62:D2:38:17:BE:F0:80:94:87:94:4B:7D:CB:39:2D:D2
ValidityThu, 16 Mar 2023 06:02:59 GMT - Wed, 14 Jun 2023 06:02:58 GMT
File type C source, ASCII text, with very long lines (41570), with no line terminators
Hash 5afe3646f268f49bd2a063f9ec0efd4f
d12d96d586b34fa522ad118c26ac6701c4700ca2
c734274419dbd49612802b50ef522945bd1bdf8a9ee8cd5ced9de248dadbcac7
GET /pfe/current/micro.tag.min.js?z=4681922&sw=/sw-check-permissions-7c336.js HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:32 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 10:39:52 GMT
etag: W/"644ba278-a262"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b
172.64.101.10200 OK 3.0 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b
IP 172.64.101.10:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3007), with no line terminators
Hash 164aeedbf1c90c5467de5320f9f2d89e
63fdf9f59785c7b84dc82523cc76d81773e9c60b
676748e7bec72f0310e785f353d6b9e33305b577b57a08c57f98d1ce9e77ed25
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wildfungames.com/
Origin: https://wildfungames.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f73d71dfa047571774d2c0460e5108ec.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 01SoPdclkZP48x4YrK_ZNVz5E0r5BDKPdU3V5U1yj5qsUMprjAx4yQ==
age: 1784767
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suMxr%2FTu8KDQVws9shzbRv2DpOxW0IBkGKNf3c91Uw2tA4Jmd%2FDyQemdMyaw9HrlO9553ItcVSdPNyI31obSYFv68AgMnQuhomldPwF9kx1h7rsnEdKCKPNg2YFcaJWl%2FZ1AD4X0Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457e0df383868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b
172.64.101.10200 OK 27 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b
IP 172.64.101.10:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (26500)
Hash 76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wildfungames.com/
Origin: https://wildfungames.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 905eac6c91c9858bd0f20b56e9c842d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: sYkKuXCk1B95PxetqZnJyC3Q8xDfjffFX9751SwD6pwpeW3RePHwlA==
age: 15066963
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg%2BMEH7Smp9l0WqQwKL8RYmXANgr913KgfdejsQWQ%2FiKScqTFdHc1L%2B2Ylx8fLcTwqysa1Xrg9uacC95DYLk4vAlbVnZppENs4FJxa%2Fvukfgh3PjSWsCkFtVRlBZWh5LcCYdqdvrSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457e0df3a3868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wildfungames.com/sw-check-permissions-7c336.js
104.26.4.134200 OK 566 B URL GET HTTP/3 wildfungames.com/sw-check-permissions-7c336.js
IP 104.26.4.134:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (605), with no line terminators
Hash b9edfabdde9873f5dcf3c5624a441811
a4b23667e57f922003b4fb4d3af17f4b612bf38e
917377aeb4a77917f0da1311045b7ceb7550507e172d69597e5108fa5fc257e1
Analyzer Verdict Alert fortinet Malware
GET /sw-check-permissions-7c336.js HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Alt-Used: wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-type: application/javascript
last-modified: Wed, 26 Apr 2023 07:57:36 GMT
etag: W/"6448d970-236"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrkE%2FWMjPvU2nzdZQmswu7r%2BM9ons%2FIRvGGiou4givlGv4f%2FX0UD6h8tEmY%2FWvw9fI7qHPaOrlGBhbMuYTyriDjMcdOHdQFdiSX6uDWehRL%2FcFsMlO%2FVNOPYO2JaVXkLmGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2457e21b940b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
gauvaiho.net/zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
139.45.197.251200 OK 0 B URL POST HTTP/2 gauvaiho.net/zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP 139.45.197.251:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectgauvaiho.net
Fingerprint48:F2:59:24:62:D2:38:17:BE:F0:80:94:87:94:4B:7D:CB:39:2D:D2
ValidityThu, 16 Mar 2023 06:02:59 GMT - Wed, 14 Jun 2023 06:02:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4681922&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: gauvaiho.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 04 May 2023 22:57:32 GMT
content-length: 0
x-trace-id: 863b8f450f9e637b89fe38762e65dd21
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/banners/boxgrotate.css
104.26.4.134200 OK 4.0 kB URL GET HTTP/3 cdn.wildfungames.com/land/banners/boxgrotate.css
IP 104.26.4.134:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (4271), with no line terminators
Hash a2bb26f39789387f451f476c6814a722
a008a5026fea054c7b3fa4895be6450234904bdd
3fe8b4ef466a7402d9735e256fa3601db1ba86d6444d34ca72b8c49233dc20e5
GET /land/banners/boxgrotate.css HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 04 May 2023 22:57:31 GMT
content-type: text/css
etag: W/"e8593b95e61b1a1a110aaab5195653ff"
last-modified: Fri, 21 Apr 2023 11:16:20 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPI3zTQr8Mn0illA%2BZkDjRwzszLU5Jv3fB8ugSqobftn6BloJbmksXzcjpVIk9C0onDHK7NOyHYX%2FdZEjpHQLrwxTuJ7UQdSTgN2Eg9%2BpYmljhCNV7YoiToSknA9TohfKaaIy4VV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2457deea140b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
kit.fontawesome.com/7deea0368b.js
104.18.22.52200 OK 11 kB URL GET HTTP/2 kit.fontawesome.com/7deea0368b.js
IP 104.18.22.52:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11018)
Hash e62478b6530cc566658fd2d20001b706
20026b56cb872f10c8adcc59b61721693da05e95
1b0d4be6be687d94e93e9c393f65ea1238654394490b5ed2bad59887a678f04c
GET /7deea0368b.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 22:57:31 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F1Vxdr-6n-Q3sLB6NXFi
cf-cache-status: HIT
server: cloudflare
cf-ray: 7c2457dec805b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
dn7u3i0t165w2.cloudfront.net/venta/images/aeu_16072021_720612.gif?1.0
54.230.245.69200 OK 31 kB URL GET HTTP/2 dn7u3i0t165w2.cloudfront.net/venta/images/aeu_16072021_720612.gif?1.0
IP 54.230.245.69:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 300 x 250\012- data
Hash ac94aa6420f7ebec061b2b590d677734
2b2c46f0251df22ed43925d64aaab671b823606b
77bb91847d990f6f7cbcfe1812d98eef075f274fecd37ec1ac5361141c072137
GET /venta/images/aeu_16072021_720612.gif?1.0 HTTP/1.1
Host: dn7u3i0t165w2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 31115
last-modified: Fri, 16 Jul 2021 12:52:48 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 04 May 2023 19:58:47 GMT
etag: "ac94aa6420f7ebec061b2b590d677734"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hhuar4Th0__ucbP2Z1AvfzLPEyBRT-Izx9NQKJ1NAhPdemks83Zxiw==
age: 10726
X-Firefox-Spdy: h2
wildfungames.com/favicon.ico
104.26.4.134200 OK 150 B URL GET HTTP/3 wildfungames.com/favicon.ico
IP 104.26.4.134:443
Requested by https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type MS Windows icon resource - 2 icons, 1x1, 2 colors, 1x1, 2 colors\012- data
Hash b16ffe438aae1df8db0437e8466b9a2d
4891ca58b0df9d4b67f190eb5f6406f9dd188875
972206ec635266c0b99c42350817a834e92fbb64f1d7cbf5eb5ad7a26d7a41b9
GET /favicon.ico HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: wildfungames.com
Connection: keep-alive
Referer: https://wildfungames.com/land/offers/GB-en?campaign=&utm_campaign=&web=1&tcode=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 04 May 2023 22:57:32 GMT
content-type: image/x-icon
last-modified: Wed, 26 Apr 2023 07:57:36 GMT
etag: W/"6448d970-96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4976
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1jEIRvNJKWudz%2BTlbMDwYSWE%2By4xuxpZA9%2FrokMhaMGhBHV%2Bw6E9cLn8iJktKshNPvJL96%2FyEcrD8nfiWqF46q5Ypbh1KKxW8QK1ZxW2sR5PYfPwrRtueQfv3Bqo%2BU3NQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2457e1cb610b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400