wildfungames.com/land/rou?campaign=TREhKw&web=1&utm_campaign=plc0ef3dcb60ff5e5a640440748d319b
104.26.5.134200 OK 1.5 kB URL HTTP/1.1 wildfungames.com/land/rou?campaign=TREhKw&web=1&utm_campaign=plc0ef3dcb60ff5e5a640440748d319b
IP 104.26.5.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8c89ce437c87f4b147dbfc8f17f0b26f
342f3e2b42dec3f818b6321d40ad25c5524f50f8
84bbaa46b171be7342ea560431b12f157b0596330c4718846f0b3caba0283441
GET /land/rou?campaign=TREhKw&web=1&utm_campaign=plc0ef3dcb60ff5e5a640440748d319b HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600, must-revalidate, public
X-Content-Digest: ena5633345add4ab023e74ca5cf28d0bf5
Age: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlCxlS5OK7T8etd0wrfADXJmsn8N%2B3xb9xx12FKigXjz6GhmlrO0qQ2db7XJnJ6NNSscHwA1y3HHCVERyHO35%2BkIg9QyIiA0dym8aDj52HanZVEgBUF%2F5LlgSzQ3I3VoBWE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfbf0c59b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Sat, 28 Jan 2023 19:49:20 GMT
Date: Sat, 28 Jan 2023 18:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13457
Expires: Sat, 28 Jan 2023 22:05:56 GMT
Date: Sat, 28 Jan 2023 18:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5325
Expires: Sat, 28 Jan 2023 19:50:24 GMT
Date: Sat, 28 Jan 2023 18:21:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 17:35:31 GMT
content-type: application/json
age: 2768
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mcdkvGbHuR7qwcibakZDcDZDzE1I7iBa6I1WlFDtsRxgqFRbqj+ObHgfmQ2Tth+7HHcRKSXPRDc=
x-amz-request-id: KKV2BD72HMAC2V5B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 18:21:04 GMT
age: 35
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:21:39 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 18:21:39 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674930099.dop218.sk1.t,1674930099.cds068.sk1.hn,1674930099.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e49323565051e208f7cbd172dce8c355
036e42fe97d04b991cb7f9b3bdd3ce34a0860216
d6aa3832c4fd9e9128138a2eab69963e705f2c1dd41e4b9446081b43b08260cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5918
Cache-Control: max-age=89261
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d40a42-118"
Expires: Sun, 29 Jan 2023 19:09:20 GMT
Last-Modified: Fri, 27 Jan 2023 17:30:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e49323565051e208f7cbd172dce8c355
036e42fe97d04b991cb7f9b3bdd3ce34a0860216
d6aa3832c4fd9e9128138a2eab69963e705f2c1dd41e4b9446081b43b08260cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Last-Modified: Sat, 28 Jan 2023 16:48:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8f0126034d27df5998c0360b6981c3b0
7c9063b2cb166b490c7b9cb068e07c0e47a079f3
22ae15b575605e2a4c6461d3a0e2cc371f7618d5845e56a3e7de68c00b1ab7e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=91769
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d41418-116"
Expires: Sun, 29 Jan 2023 19:51:08 GMT
Last-Modified: Fri, 27 Jan 2023 18:12:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
cdn.wildfungames.com/land/rou/js2/default1.js?v=1
104.26.4.134200 OK 708 B URL HTTP/1.1 cdn.wildfungames.com/land/rou/js2/default1.js?v=1
IP 104.26.4.134:0
Hash 868539b299e3d222198ce4584bff42d5
92281f722de18aec454f3655779bdbbcdfaff707
de0e3ca83bb57b6c72a0653de7103346f4a266dbcf79d3af2547c09a6cdabd43
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/default1.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"cb6fb41521eaa67073568b2a55d1f30b"
Last-Modified: Fri, 27 Jan 2023 19:45:44 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSm0urrSqO4ouaJx4q0YhLHklM2LJJuDduf%2Fb7dBvrr1La%2BZ9M4Tili2SH8rMOlwe9vYvo33f9%2F%2FTXuVvq%2BmS8Un9Li7vsKdqsg8TWT6Fh1h%2BQx5nB2Fop1R3lQMPc5sG5ij6KV3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2bfa2b4eb-OSL
Content-Encoding: br
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8ba62ba8e30f6cced5fa72abfea830cd
ec0616ff281e8e356b6155ea0a6f3e91fb5555ae
ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d41418-116"
Server: ECS (amb/6B90)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8ba62ba8e30f6cced5fa72abfea830cd
ec0616ff281e8e356b6155ea0a6f3e91fb5555ae
ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=172261
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d56598-116"
Expires: Mon, 30 Jan 2023 18:12:40 GMT
Last-Modified: Sat, 28 Jan 2023 18:12:40 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8f0126034d27df5998c0360b6981c3b0
7c9063b2cb166b490c7b9cb068e07c0e47a079f3
22ae15b575605e2a4c6461d3a0e2cc371f7618d5845e56a3e7de68c00b1ab7e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=92339
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d41418-116"
Expires: Sun, 29 Jan 2023 20:00:38 GMT
Last-Modified: Fri, 27 Jan 2023 18:12:40 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 278
cdn.wildfungames.com/land/rou/css/default.min.css?v=1
104.26.4.134200 OK 1.2 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/css/default.min.css?v=1
IP 104.26.4.134:0
File type ASCII text, with very long lines (4431), with no line terminators
Hash 50330b27ab37012510258b86786ba759
30323f5a2fed4be78741ed7d6be027fcdc7ad19d
37c84a700f1e1ab7ca47ca811bc68176960ba1d7dee78c28eea3059b75d6d9ae
Analyzer Verdict Alert fortinet Malware
GET /land/rou/css/default.min.css?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"c87a79b32fd06185ea1eabe4af153677"
Last-Modified: Fri, 27 Jan 2023 20:13:29 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxdVkisvcgQaCkUifLjFsNJHnnkGbzyRaMVGQLIvtLLuistQAFag2awR4TTVzgQpJLHf%2Be0xvfU8fLcgRHCiiJn89%2FsC4f3gutCEajDcQcY%2B7t%2FTIhoekBn59j4mD8uwWraXublq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2df51b4ff-OSL
Content-Encoding: br
cdn.wildfungames.com/land/rou/js2/confetti.js?v=1
104.26.4.134200 OK 1.9 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/js2/confetti.js?v=1
IP 104.26.4.134:0
Hash 2526419743133ede6a0b7ea45e33d563
3b66e3ff3ff840449cc5b5e40aafc8008b15e9ea
d25b51238af48538cd3ef9d80712e04f751c882efd7b70e41ce7c719bfe2e5c6
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/confetti.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"594e7bd784c66babe7dd35e2cf498f14"
Last-Modified: Fri, 27 Jan 2023 19:45:44 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALgm1S8mReYEg1lSdI4LOlaC4UO5ht8ftxPvlWgP6Fqdc2hVSNdAAgNyv%2FLFnJ7QGUxOkdZpK2eYGDg9FJTlHnT4rcZMC6QuUhR2uMpedqMN17%2BIxb82aJpJWurJezgvSOBXOfGp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2da58b509-OSL
Content-Encoding: br
cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
104.26.4.134200 OK 1.3 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
IP 104.26.4.134:0
File type PNG image data, 269 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e45d498bdb0b010e058b92e5d5097ac
8a1b41ef4c12fc85b4e4c7d28e3fcf48774054f7
9e860a039b138a3e94b704ff4aae7896c678d88d3c5e1ab2d08e3af5ceecdee6
GET /land/rou/img/spin_Roulette03.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: image/png
Content-Length: 1316
Connection: keep-alive
ETag: "5e45d498bdb0b010e058b92e5d5097ac"
Last-Modified: Fri, 27 Jan 2023 12:51:53 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qh4jo7NUpqR0Ns9t1Z87HpUKOdP7pm7yPn7sp%2B%2Bj0LQH6M7un7h5KVdWm%2FyvAFwelxVOdQODvxwnhaJkQOJGsWgz3M%2FTpFVLuqYRYA1wbN0Q2iK3M7tQfsgn6YQvyEhWG5bjK9RR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2ef76b4ff-OSL
cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
104.26.4.134200 OK 43 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
IP 104.26.4.134:0
File type PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data
Hash 6e422805365b1b64d8da6b0d29ae8c69
37d523943fb63f409cd9a6da32fb5d7663a692da
a0c05360734297aae902dc48ed95cd7d3d3f818897f111c54aae6f042428b665
GET /land/rou/img/spin_Roulette01.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: image/png
Content-Length: 43403
Connection: keep-alive
ETag: "6e422805365b1b64d8da6b0d29ae8c69"
Last-Modified: Fri, 27 Jan 2023 12:51:52 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghFp2z1u7gO6jiDzz22tHvM9bFhPcB1jZcc7%2B5Tgc2KQFFtr%2B6lieOMx%2F78GR9edjdjhZIStb77FfeGgBxCRYRWfjMaxhymlGRCPWQ8iopIdDsr0d2dReGzwANliEq2P84IjG9rX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2ea7eb509-OSL
cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
104.26.4.134200 OK 1.4 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
IP 104.26.4.134:0
File type ASCII text, with very long lines (3694), with no line terminators
Hash e8b1f90201cd46bfd3dc724c717a33e1
739f1e9d9673d2aa6e4de5bf0b46103854d6bda2
6b06ad34e47a22c70eddc60bd007de63dfe2928a1323c3e85cb76ef7c574f082
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/winwheel_game.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"93ae375d5794d7efc5759847e616b870"
Last-Modified: Fri, 27 Jan 2023 19:45:45 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl9PPgKXleVd3crR1xEhOvw8Fi0RmjxY2pL0mD1w%2FfukpBJLz3Bn1UITp8a5YUwxW8O0nUldtM8cm%2FOdS3o%2BS6vf%2F%2B3dgMK5SfvoZMwH%2Fw8zTFJMsDootTFaFEvotvkmHwCnLfwb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2e930b4f3-OSL
Content-Encoding: br
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e49323565051e208f7cbd172dce8c355
036e42fe97d04b991cb7f9b3bdd3ce34a0860216
d6aa3832c4fd9e9128138a2eab69963e705f2c1dd41e4b9446081b43b08260cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5918
Cache-Control: max-age=89261
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d40a42-118"
Expires: Sun, 29 Jan 2023 19:09:20 GMT
Last-Modified: Fri, 27 Jan 2023 17:30:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
104.26.4.134200 OK 13 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
IP 104.26.4.134:0
File type PNG image data, 170 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 834a8095777aee926381dd13a5a8b3ab
c0f06099eea950232f33e02355d84dda44a6e35e
589d62b11a4171fb3a9b7c97b6963447601e36f8c2dcb36370dce75f5bd9687e
GET /land/rou/img/spin_Roulette00.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: image/png
Content-Length: 12991
Connection: keep-alive
ETag: "834a8095777aee926381dd13a5a8b3ab"
Last-Modified: Fri, 27 Jan 2023 12:51:51 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fvxK7zVREDdRqS0AU07qbN2mtRgQrJTDZsW2SEzLPTsz01pmziihg6Dn8TegRt86snOMRGAGq87jpkXC2VW0UyHa1dVrjCfU9QPAfP4pFxl9HvlHsPXRJ1%2BlxL1aFdIJ1pYqW8q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc2efe1b4eb-OSL
cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
104.26.4.134200 OK 110 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
IP 104.26.4.134:0
File type PNG image data, 870 x 650, 8-bit colormap, non-interlaced\012- data
Size 110 kB (110359 bytes)
Hash eafcb5a49ddbee590cfe266b1b0c8820
254de127e096c137b1a8c8e62cf3c96b7c6492e5
da07ed253e14bcf56880e11d0eddb2276a7da9b4f679d49fb17976b97b81172b
GET /land/rou/img/spin_bg_desk.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: image/png
Content-Length: 110359
Connection: keep-alive
ETag: "eafcb5a49ddbee590cfe266b1b0c8820"
Last-Modified: Fri, 27 Jan 2023 14:03:36 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkwXHxeGl1ulGaFu2CGDOVGYms0zQal4erYU0B0IP7g7hIKrjKfGmqGAtf%2BtExw485kxWKhyxQ%2Bhekzhx73bye6uPW8yj8M7Hz8OBrL56X1RY6772OwdbFgCyH%2FcfJvgh6vXtpq4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc33af0b509-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8ba62ba8e30f6cced5fa72abfea830cd
ec0616ff281e8e356b6155ea0a6f3e91fb5555ae
ae2ee6290f89d464743f2daf6bf3bd1a45225f27262617a25e45e84fa2361274
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:21:39 GMT
Etag: "63d41418-116"
Server: ECS (amb/6BA7)
Content-Length: 278
cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
104.26.4.134200 OK 3.4 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
IP 104.26.4.134:0
File type ASCII text, with very long lines (11334), with no line terminators
Hash 2e5fd92be5b702ec0be7b381c2c76e49
7fc09db77b67cf82285a2eaf52b7d2a126893663
4fa34a85b0ee0d3daa6988527b7b6a4d9eccd493f54a96f7e0a05fa0d5d1130d
GET /land/rou/js2/propeller.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"20ff2d103a051f36069225e9bb9c87c0"
Last-Modified: Fri, 27 Jan 2023 19:45:45 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4418
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B05BdAgY%2FzmiNPsIqRRzIHHQcb%2FFEuek1hoe3Z9uK%2FU6oWuwnNVY2ckKszr%2BkLCDG%2FkxhcE%2BIPlBltAAVjlOMl2fdxau7Za5BqyU5OXrB2zW%2FnXF1FSU0Q3R2fjbaz%2BilnZ0ucmB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc39abeb4ee-OSL
Content-Encoding: br
beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
139.45.197.250200 OK 14 kB URL HTTP/1.1 beevakum.net/pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (41091), with no line terminators
Hash 002d32199f9116c7429c84ef9d7849bb
328e4f6b8bdfb247e311b58cddab5eaa21d5b4e3
8b9b2a4d4da7ff539e51c4bb298f0587b0c14ed4158294bfa003cb8b6893d1dc
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?z=5578843&sw=/sw-check-permissions-cb761.js HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wildfungames.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Jan 2023 11:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d3af98-a083"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
104.26.4.134200 OK 35 kB URL HTTP/1.1 cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
IP 104.26.4.134:0
File type PNG image data, 434 x 434, 8-bit colormap, non-interlaced\012- data
Hash 320aa52aa7ccfde051920d20967e0baa
7a6dc94d3aa311664e94d1259322f081b2f074f7
673f4069c0d4e4e256cd84e482cfc0e60fa76547aa6f62578b3f47c60299d4c1
GET /land/rou/img/spin_Roulette02.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:39 GMT
Content-Type: image/png
Content-Length: 35051
Connection: keep-alive
ETag: "320aa52aa7ccfde051920d20967e0baa"
Last-Modified: Fri, 27 Jan 2023 14:03:35 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4417
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72tCzYkeAuWfjauNKDQMYcKZzsnmVg8y4YNcOdwsdipqN6EuVPqh5dsHz4c2dmXRrN4PHFr7IyYoHIfrIn5SkKAW%2Bt1cSwI2vTja8DvsJBvTBsb6j3MCnxS6quaoUBNlRiJQL%2FCU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790bbfc43c2cb509-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 98318a76c28a8930f2a714ab36e9b7a9
4f8df8f1a3c54d5be660e6e5174549e4907f7366
2c805382509dee0d1a15a3132527b3d613a0689c88bb83e9f8fd2625bd90b380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C805382509DEE0D1A15A3132527B3D613A0689C88BB83E9F8FD2625BD90B380"
Last-Modified: Fri, 27 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Sat, 28 Jan 2023 22:30:08 GMT
Date: Sat, 28 Jan 2023 18:21:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 17:41:40 GMT
age: 2399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest
139.45.197.250200 OK 0 B URL HTTP/2 beevakum.net/zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /zone?&pub=0&zone_id=5578843&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: beevakum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:21:40 GMT
content-length: 0
x-trace-id: 7b959072ff0e8ae37009b45c83f3baba
access-control-allow-origin: http://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
wildfungames.com/favicon.ico
104.26.5.134200 OK 62 B URL HTTP/1.1 wildfungames.com/favicon.ico
IP 104.26.5.134:0
File type MS Windows icon resource - 2 icons, 1x1, 2 colors, 1x1, 2 colors\012- data
Hash 70515ac92cadd905fa8fecef584d0083
c50b7f0f44d82b3f7dc4aff73145371232b0f703
03901e6846adfc7d2216e031eab780e4605c70d24af897afda998c40b53a3d30
GET /favicon.ico HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wildfungames.com/land/rou?campaign=TREhKw&web=1&utm_campaign=plc0ef3dcb60ff5e5a640440748d319b
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:21:40 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 20:16:00 GMT
ETag: W/"63d43100-96"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FISmG417reHw5MX%2B%2Bi96PtL219jcv9mtFEPZLrOgiufPWfW1Zwzf5aP3V6%2FdkKMndrbIQVr1x9cv5tBp3QeZ1SUP%2B%2FizbKfPoSSjWudc%2BdQj5UkKCZHJqGdPXUctCLihTGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790bbfc3fa97b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19982
Expires: Sat, 28 Jan 2023 23:54:42 GMT
Date: Sat, 28 Jan 2023 18:21:40 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.58.221101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.58.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JgPuLdce0rs6Uo2ynlTStQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q8ZOKrm0AslI32AZO3hxu4TDTao=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 18:21:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 69480
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
age: 73503
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1950b80f136ad55bab17c6ad2ba8d2c
80f878475f3801194f869686b3364d35f99836f0
39724d1df38aa7068d9f498271027e500af00b4ce3cd3df41e09c4fa4fd13320
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5933
x-amzn-requestid: 107db189-1d15-4d9a-903f-a6a529d841c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEcmoAMFiMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-1cf1e1e975afcfc01eba60bf;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Aaa0eZwfxkAoeIx6JSoi8k0RLYSAUW4SgFUyR8dgoC70CEm5g9OOtA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:59 GMT
age: 73962
etag: "80f878475f3801194f869686b3364d35f99836f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: otEuPlfCL7DeVwGZiGJuMjxjVyGdMwxPWeCz5T_mpXboi-oRujKhBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 73963
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 70528
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 73495
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
104.16.89.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 104.16.89.20:0
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 18:21:39 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
x-served-by: cache-fra19138-FRA, cache-cdg20754-CDG
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 11386663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43DB1TMtl7UXZQDxlOKakzMry%2FaQZ6r2lVlG%2ButhsqAp5eVbU%2F90XDxoDuFmrZ8BPOdBWBni6LQI51XN0PFXVtUP4qZzIoyCd%2F0RdNSHSSLuds3PI%2FJzNIJBHvkLryPq%2BtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790bbfc2988f0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
104.16.89.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 104.16.89.20:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 18:21:39 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
x-served-by: cache-fra19128-FRA, cache-itm18834-ITM
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 3802504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVfKFeTuOpqmrC4SE%2Fdcet7Xe1nYzJHyhYyRVNbRmvVUiLPSTjEn2%2FHLro8UxwEggegRAMg1%2FZ16GLp4IhJ%2BKEEjW%2BMx5LGXnbSZ6sXTDx0B8cW49UJ0IAGKPS8HJBLe2hM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790bbfc298990b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2