cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
172.67.70.29200 OK 1.3 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type PNG image data, 269 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e45d498bdb0b010e058b92e5d5097ac
8a1b41ef4c12fc85b4e4c7d28e3fcf48774054f7
9e860a039b138a3e94b704ff4aae7896c678d88d3c5e1ab2d08e3af5ceecdee6
GET /land/rou/img/spin_Roulette03.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/png
content-length: 1316
etag: "5e45d498bdb0b010e058b92e5d5097ac"
last-modified: Fri, 27 Jan 2023 19:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCiEJWor8FBkR%2Fxh81N3G1JClS7AUoHqqh8OcBtIeYIpa1%2FoMCCZ5ObOyCrNPJZQbqwFI5jC%2BkJSUzl7F5W2ve%2BWQO4L7sovmFFZXEwQpata4NT6SxvXuwDA29l9crL3rEIp3Ab2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b73b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
172.67.70.29200 OK 43 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data
Hash 6e422805365b1b64d8da6b0d29ae8c69
37d523943fb63f409cd9a6da32fb5d7663a692da
a0c05360734297aae902dc48ed95cd7d3d3f818897f111c54aae6f042428b665
GET /land/rou/img/spin_Roulette01.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/png
content-length: 43403
etag: "6e422805365b1b64d8da6b0d29ae8c69"
last-modified: Fri, 27 Jan 2023 12:51:52 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYZFw7IppYiUHh1JT%2Bw%2BporfFh5qWn7juJNGnBNZwIf5jMRj5qsA3Or4xK%2FSuzwZFzOAVAenUNmUrphH%2BcbmXAB%2BwvrjNoUdrLkPM7PZroNvv0aTeZVhcr7cuJzc49PD9C81f0Pz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b71b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
172.67.70.29200 OK 13 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type PNG image data, 170 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 834a8095777aee926381dd13a5a8b3ab
c0f06099eea950232f33e02355d84dda44a6e35e
589d62b11a4171fb3a9b7c97b6963447601e36f8c2dcb36370dce75f5bd9687e
GET /land/rou/img/spin_Roulette00.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/png
content-length: 12991
etag: "834a8095777aee926381dd13a5a8b3ab"
last-modified: Fri, 27 Jan 2023 19:45:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQkU5smitlmtU%2FFoVBdQFuUjF6pp8XROShrtCDb2vIxe6Uiud%2BAsc2NmrD%2B5g4oFTp1SK00RG6e9pD45cQNW7upL1OpI2FgtmK4d%2BQuEVTmLYSutFB0D5UU5pPdk%2BrgzwgXZPzx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b6fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684269583.dop010.sk1.t,1684269583.cds215.sk1.hn,1684269583.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
151.101.129.229200 OK 23 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 151.101.129.229:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (65299)
Hash f81d0a1705048649befc8b595e455a94
aec551e4d573463088fca7d14fb644eb389f1839
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 May 2023 20:39:43 GMT
age: 5384399
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
151.101.129.229200 OK 26 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 151.101.129.229:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (65326)
Hash d432e4222814b62dd30c9513dcc29440
2cac4afc120983921411296bd4e8fd8a94ba237e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 May 2023 20:39:43 GMT
age: 5229278
x-served-by: cache-fra-eddf8230111-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
172.67.70.29200 OK 2.8 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (3694), with no line terminators
Hash 93ae375d5794d7efc5759847e616b870
f1067f7ea66321bc67d64a358b6f962318d0bc73
f55eabc1f0e0d170720f84fe5f9ed2877503b5ca9487e02a81ebc8fb873ab2d1
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/winwheel_game.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: application/javascript
etag: W/"93ae375d5794d7efc5759847e616b870"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdqhlSwzJC44bwBJM2%2F0Sn9reIXl1gXlIiPraEeveRF4a1kS0EUX9OZmdaBXCTplRBEQnu9pByfTbntHXtGQJZ68YvruQFvKNAOZEulIearp0HpEWoQbrtg4pgraAWX8U7QhjoOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b6cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
172.67.70.29200 OK 110 kB URL GET HTTP/3 cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type PNG image data, 870 x 650, 8-bit colormap, non-interlaced\012- data
Size 110 kB (110359 bytes)
Hash eafcb5a49ddbee590cfe266b1b0c8820
254de127e096c137b1a8c8e62cf3c96b7c6492e5
da07ed253e14bcf56880e11d0eddb2276a7da9b4f679d49fb17976b97b81172b
GET /land/rou/img/spin_bg_desk.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/png
content-length: 110359
etag: "eafcb5a49ddbee590cfe266b1b0c8820"
last-modified: Fri, 27 Jan 2023 14:03:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2932
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roFtIah5et04DK8FUiUEP1MxpCJ1DfWdDyuloEznz70g%2BjibAS6K51LQc5wXkGYgd%2BAFz9m2y0Txe5P2gBvbIvqI1PKIhJjPM15%2Fvu6tDt15eAfOfVsEwRavnsReDAkVLM8lnrhb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e82be3d0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
172.67.70.29200 OK 35 kB URL GET HTTP/3 cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type PNG image data, 434 x 434, 8-bit colormap, non-interlaced\012- data
Hash 320aa52aa7ccfde051920d20967e0baa
7a6dc94d3aa311664e94d1259322f081b2f074f7
673f4069c0d4e4e256cd84e482cfc0e60fa76547aa6f62578b3f47c60299d4c1
GET /land/rou/img/spin_Roulette02.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/png
content-length: 35051
etag: "320aa52aa7ccfde051920d20967e0baa"
last-modified: Fri, 27 Jan 2023 19:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIXklvfPrbuZkgSLKizKYaS8waiY1EHbnnmhhdW6smCiSQmUDZOUUNtzRhF36lYomeLnGFR1JiyF229aYhyQrZneOyp0ZJcVI7RR1XQvZKlaXu5CeQAdJxOwdwEd1rVbi%2FbTFuvw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e82fe6e0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
tracking-protection.cdn.mozilla.net/ads-track-digest256/1683905755
34.120.158.37 56 kB URL tracking-protection.cdn.mozilla.net/ads-track-digest256/1683905755
IP 34.120.158.37:0
Hash 269d3730f5f5a91e02e74b6d1498b45c
fe6640e84d5a43072c05b913266ade94556c9216
f40d8ffb5be71fc4bfd07d46ca2f326660c979713f5b4322a98f025518e3b239
GET /ads-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: BVUXlOebI1rpBFLUzt3+UM0/t2rIIXi6lMpvHt8W1m9hVyZ6r8b/4e5yikn5AYzbxQbSPGPgsoQ=
x-amz-request-id: 09T6WR8HCE8C8V31
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56534
via: 1.1 google
date: Tue, 16 May 2023 15:36:23 GMT
age: 18201
last-modified: Fri, 12 May 2023 15:36:09 GMT
etag: "269d3730f5f5a91e02e74b6d1498b45c"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
34.120.158.37 10 kB URL tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
IP 34.120.158.37:0
Hash feffee93ee53bd6b02687bb9d9a11425
f9fab28225d6eb2ed2e72ce675d5d5b624383658
3b09c3bc75d40a2dc370d7a9e88433d74de203f31056900b995b497950f2d672
GET /analytics-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: +cJ37Zyvxn6elVYu7wZJoNjAhjtesSfbe2jkjQjrWBkOTE2pyvq6gJVsfCqAMyVrxdoVcWkzkNE=
x-amz-request-id: ZZK6DMFPNZSYG58H
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10486
via: 1.1 google
date: Tue, 16 May 2023 15:36:19 GMT
age: 18205
last-modified: Fri, 12 May 2023 15:36:10 GMT
etag: "feffee93ee53bd6b02687bb9d9a11425"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
34.120.158.37 15 kB URL tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
IP 34.120.158.37:0
Hash adff9f8518019ddb5b72e09fa471bd56
2a5cf28dcda107605da2bb4f6e56a07e514a927f
900f414ea63bb7f4e5a33041d77112c309aa8dfebd93681895c596d948ed12bf
GET /content-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ZAi9uigP15zWuaSfzYiCnsNB3BPBqAMBp7tbFeOAWdCBW9stGbzWlpmMUnTPLcdttT9h7R9se20rwzvzM54WWHIj0dbNJ7irstwHLJ895jM=
x-amz-request-id: 7BFG3FWDC80NRE2A
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15350
via: 1.1 google
date: Tue, 16 May 2023 15:36:44 GMT
age: 18180
last-modified: Fri, 12 May 2023 15:36:06 GMT
etag: "adff9f8518019ddb5b72e09fa471bd56"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
34.120.158.37 1.5 MB URL tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
IP 34.120.158.37:0
Size 1.5 MB (1476920 bytes)
Hash 501d3f65be5457b0986a2f0b880e88f2
0df631bbe10a12e255c8d323fed084f51ffb842d
e3acbced9ab46ff7a41311445b2bd1f6f70f8716d35131670528417d2c9a6627
GET /google-trackwhite-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ZqZFrQ4TzRU7vWU4OwuECNTGaJ9fWgaNoKDYpt8MlMdqJhs2vid3JzkVEVCSbLU4YCNk7jO4XA4=
x-amz-request-id: 3H5PTM75RDBKPBPN
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 16 May 2023 15:36:34 GMT
age: 18190
last-modified: Fri, 12 May 2023 15:36:17 GMT
etag: "501d3f65be5457b0986a2f0b880e88f2"
content-type: application/octet-stream
content-length: 1476920
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
139.45.197.251200 OK 0 B URL POST HTTP/2 redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP 139.45.197.251:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectredrotou.net
Fingerprint82:26:70:97:A6:64:2B:0D:51:75:05:03:52:AE:BE:EB:6C:F4:95:D6
ValidityThu, 02 Mar 2023 05:25:16 GMT - Wed, 31 May 2023 05:25:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 May 2023 20:39:45 GMT
content-length: 0
x-trace-id: 6447d2827649372adc6828b8f4861f33
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1683905755
34.120.158.37 345 kB URL tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1683905755
IP 34.120.158.37:0
Size 345 kB (345431 bytes)
Hash f3aec7da10baec23af5a6691f4b815d6
63c6838fca2f16a6c1765b96f9d6ef72d4638ad3
daa310c17ce0c89e49d76fd14e5f9aea864ca8f0f4cfe3f10dde42ab4d646c4f
GET /mozstd-trackwhite-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: nJLJaLKg+5U6WBUey7FP5yV1XdvcTMUiFHfY1k1m5hrF8zYSYyiY3CpIGKZBdNyCFNVDPJBMJMU=
x-amz-request-id: MW49C5ACMVFW5DRP
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 345431
via: 1.1 google
date: Tue, 16 May 2023 15:36:24 GMT
age: 18201
last-modified: Fri, 12 May 2023 15:36:15 GMT
etag: "f3aec7da10baec23af5a6691f4b815d6"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/css/default.min.css?v=1
172.67.70.29200 OK 1.8 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/css/default.min.css?v=1
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (4431), with no line terminators
Hash c87a79b32fd06185ea1eabe4af153677
eb8d1610d44a9f00c1909e7bef51b99afeebe318
f0577aca3b90aa414057dde0de4bcda8a39f333a3de9a5b6bbb0f93d7423f49b
Analyzer Verdict Alert fortinet Malware
GET /land/rou/css/default.min.css?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: text/css
etag: W/"c87a79b32fd06185ea1eabe4af153677"
last-modified: Fri, 27 Jan 2023 20:13:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOTIGAxXRXaDSfAhhi0Is8tTLR89AhhP1MHzBSE8TXfHF02sSaui%2Fq4EtPy6rBhKs1Mic0TZIbIjX3wDrkwdqfr7FD1yjsoJuGHTAGodWnZ02dCV8ac6R00TGnQ5GAx1R9JZSftr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b6ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
172.67.70.29200 OK 11 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (11334), with no line terminators
Hash 20ff2d103a051f36069225e9bb9c87c0
eda19b305872d407fc62cb8d469d7a29b8b7b857
74c66b1c99c8c71ceb2bee5c74748060d22a2998389e7b4dd1080796252c0131
GET /land/rou/js2/propeller.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: application/javascript
etag: W/"20ff2d103a051f36069225e9bb9c87c0"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIzDz1Mq%2Bc9%2FiKyafeAWWkVOaIaUhW5M4OJNKF7AmNmhT6b2oi%2FdItoNiDPw4hi3v%2BocjMrpb4HM8cK3dY%2BxQmyW%2BmSVbZbn6JAd%2FE4nxnRG%2BzRtbNyHWTKXs7ZH%2FBBV4d9Y3dme"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b6bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wildfungames.com/sw-check-permissions-93246.js
172.67.70.29200 OK 566 B URL GET HTTP/3 wildfungames.com/sw-check-permissions-93246.js
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (605), with no line terminators
Hash 62fcf98313c266f8b8d436b45d4ff769
5c2e1bcacdd369b1bbc038a860de18473e344c36
88c375e4f74ef4878bd7a9a751d4d5e55c9256cdc33430e6fd5a39ef96c0369a
Analyzer Verdict Alert fortinet Malware
GET /sw-check-permissions-93246.js HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 May 2023 20:39:45 GMT
content-type: application/javascript
last-modified: Mon, 15 May 2023 10:53:53 GMT
vary: Accept-Encoding
etag: W/"64620f41-236"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3090
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6eHmgeU9IIkTchi1fbSFcmHhbS2uSnq0cwO1KMn0vVQnROJV4ippAcM2V%2FEk0Ppbd3Db6IcUkvlJVcSR0fQdntIVw8HJnWifdFicbUBVLQIwURHa9TyEmWbL16mTWUxMBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e8a7cf10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
172.67.70.29200 OK 4.3 kB URL User Request GET HTTP/2 wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
IP 172.67.70.29:443
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4523), with no line terminators
Hash 93ae774f9ad60ac1ac0ed86264e8d0bb
618f01918748048adebb0c70f2c4594701100a38
0e5884f5c16624b66ff4fa4df862b8fd226b8c083fc4f0b0ca7d3d42c2299077
GET /land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573 HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2dbyRifgCqnCiyE94CqzZ4lWuSkkagwcsEmvsrWblFgMUL6bEVoxKxjN9Ohf%2BWvnoJORbBU%2Fy6xH%2FufnjOlS6mRB4AfE0oKADeUiNLZ2%2BqFkKaUeUEFuh%2FkD8Ri8SqYBn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e7e1c5eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3
172.67.70.29200 OK 2.4 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (2492), with no line terminators
Hash a01714197378fab470827fdf04d181e4
e50f54749d417d645d7c2122cb3a543ee44c564b
73015b447bd17371ec1de15eb0eeb614baa5e8c21a5a956c346e2baf63ea6911
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/default1.js?v=1.3 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: application/javascript
etag: W/"cb6fb41521eaa67073568b2a55d1f30b"
last-modified: Fri, 03 Mar 2023 09:09:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMli4RjSEKQFyxOsKg5iiHW6jlGDphu95Nsq7Pt00213Rm67riuhKGI05Y1Mj90salXhZXOD7rSZEyRm4BDn0SR3F8fXCM1uu5fX9gS0vBWD29UGucbVknqlDupCTIvfVBBWLczQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b6db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js
139.45.197.251200 OK 42 kB URL GET HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js
IP 139.45.197.251:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectredrotou.net
Fingerprint82:26:70:97:A6:64:2B:0D:51:75:05:03:52:AE:BE:EB:6C:F4:95:D6
ValidityThu, 02 Mar 2023 05:25:16 GMT - Wed, 31 May 2023 05:25:15 GMT
File type C source, ASCII text, with very long lines (41979), with no line terminators
Hash d44fd7b96fceca8f81b472766025d0d2
237541097413baf5cd3e703413f8bc9ea538a4db
b6c7c1e7fb1a437f100bdcb253df8b0468f130835fbb82c5687505a099997d16
GET /pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 May 2023 20:39:44 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 14:20:13 GMT
etag: W/"645cf99d-a3fb"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.wildfungames.com/land/rou/js2/confetti.js?v=1.3
172.67.70.29200 OK 6.6 kB URL GET HTTP/2 cdn.wildfungames.com/land/rou/js2/confetti.js?v=1.3
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type ASCII text, with very long lines (6823), with no line terminators
Hash 8cac0113d09ced7378e4b55c2fde937d
a8930a48dbe171c4f5663334db8e5bc0cdf9ab94
c06ce8cb35e8f53cac328cb235ed42f2c7448d2bc48f9aba461e0a9f21fe4c5f
Analyzer Verdict Alert fortinet Malware
GET /land/rou/js2/confetti.js?v=1.3 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: application/javascript
etag: W/"594e7bd784c66babe7dd35e2cf498f14"
last-modified: Fri, 27 Jan 2023 19:45:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Df9I5Cf2E3glS2do9KvBkTFVcFXx0DxKLqQa2MApwFIhND4SgGRq%2BQimjkm%2BWdDvs5lYQqqtXXPbnIXhCve8bnDKy%2BSGu%2B43Z7R134n9jamgPSVCydqN5INaGoeZ7O%2BeepGXSl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c866e814b67b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wildfungames.com/favicon.ico
172.67.70.29200 OK 150 B URL GET HTTP/3 wildfungames.com/favicon.ico
IP 172.67.70.29:443
Requested by https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Certificate IssuerLet's Encrypt
Subjectwildfungames.com
FingerprintC4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
ValidityThu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type MS Windows icon resource - 2 icons, 1x1, 2 colors, 1x1, 2 colors\012- data
Hash b16ffe438aae1df8db0437e8466b9a2d
4891ca58b0df9d4b67f190eb5f6406f9dd188875
972206ec635266c0b99c42350817a834e92fbb64f1d7cbf5eb5ad7a26d7a41b9
GET /favicon.ico HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d09a99bac13e3e14daa8dd4e1573
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 May 2023 20:39:43 GMT
content-type: image/x-icon
last-modified: Mon, 15 May 2023 10:53:53 GMT
etag: W/"64620f41-96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcRPtXiOV9BTgvdUc%2BQorYnWA184sX8342g6%2FtcnbCUJFhWjwxIzs9wCj%2FoY2On2gyqyp%2FsdRbKkSdrpgTZ7vHblMu%2FPrUXaJW13%2BAGL9uf9lfDBGf2pi8ZRccDa0BLzLOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c866e83af0b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400