| cdn.wildfungames.com/land/rou/img/spin_Roulette03.png | 104.26.4.134 | 200 OK | 1.3 kB |
URL: GET HTTP/3 cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: PNG image data, 269 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash: 5e45d498bdb0b010e058b92e5d5097ac 8a1b41ef4c12fc85b4e4c7d28e3fcf48774054f7 9e860a039b138a3e94b704ff4aae7896c678d88d3c5e1ab2d08e3af5ceecdee6
GET /land/rou/img/spin_Roulette03.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: image/png
content-length: 1316
etag: "5e45d498bdb0b010e058b92e5d5097ac"
last-modified: Fri, 27 Jan 2023 19:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPjlmA7aHRwFWpEN4jugW7VjIEs1I8lEe%2BzrMgg4PzsHxTNuhHR1p9pUNGykaan1GClcUjIgrlB3iWS4JyiqLgdHQaTn0fL8qIdCAP2yokFQrHz46KHT2uLtfYbFjoHCEoKvlvhY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76acda2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.wildfungames.com/land/rou/img/spin_Roulette00.png | 104.26.4.134 | | 13 kB |
URL: cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
IP: 104.26.4.134:0
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: PNG image data, 170 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash: 834a8095777aee926381dd13a5a8b3ab c0f06099eea950232f33e02355d84dda44a6e35e 589d62b11a4171fb3a9b7c97b6963447601e36f8c2dcb36370dce75f5bd9687e
GET /land/rou/img/spin_Roulette00.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: image/png
content-length: 12991
etag: "834a8095777aee926381dd13a5a8b3ab"
last-modified: Fri, 27 Jan 2023 19:45:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUP2Qsoci6efQpg6ruBYj57AE8CrE7L7n6i2QE8g3%2FkpMeAsFGqeQIso0jEBp6adU9s1wvzhUcdXWnW1vUCxj6YzEhP%2F6Hgd3KE6IaZnD8T3nvJWrtUCnQEBKQQo0pEkqigiZqOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76acda3b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.wildfungames.com/land/rou/img/spin_Roulette01.png | 104.26.4.134 | | 43 kB |
URL: cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
IP: 104.26.4.134:0
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data
Hash: 6e422805365b1b64d8da6b0d29ae8c69 37d523943fb63f409cd9a6da32fb5d7663a692da a0c05360734297aae902dc48ed95cd7d3d3f818897f111c54aae6f042428b665
GET /land/rou/img/spin_Roulette01.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: image/png
content-length: 43403
etag: "6e422805365b1b64d8da6b0d29ae8c69"
last-modified: Fri, 27 Jan 2023 12:51:52 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqwxG5ALpLzTqLrjoqDZYlVNuSX5vMCmZILDwWLwKQIeiLLy5FmMlVN0qR%2B3TL6AVuaaDiJFsyluvpmBYEcNOq6Qxgq3p86SVrfhC%2BgmR3COqODYhzqGqE38saZWStVRRXfQ3nVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76acda5b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js | 151.101.65.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP: 151.101.65.229:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Certificate validity: Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type: ASCII text, with very long lines (65299)
Hash: f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 May 2023 03:29:56 GMT
age: 5409012
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 69.16.175.42 | | 31 kB |
URL: code.jquery.com/jquery-3.6.0.min.js
IP: 69.16.175.42:0
File type: ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684294196.dop009.sk1.t,1684294196.cds260.sk1.hn,1684294196.cds210.sk1.c
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css | 151.101.65.229 | | 26 kB |
URL: cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP: 151.101.65.229:0
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Certificate validity: Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type: ASCII text, with very long lines (65326)
Hash: d432e4222814b62dd30c9513dcc29440 2cac4afc120983921411296bd4e8fd8a94ba237e 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 May 2023 03:29:56 GMT
age: 5253892
x-served-by: cache-fra-eddf8230111-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.21.226 | | 1.5 kB |
URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP: 104.18.21.226:0
Hash: 7347f2d0610aa935578e7de989a00a65 371414867f5e4f9c94df2cfb92d23c1f3ee9e2d4 9ce5140aa24ef4ee509c5526ccc2da24da70a737daea8a2b0d0c3f8a54a704ac
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 May 2023 03:29:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3BA0C037BD65736C3E723B70A2D063143966D662"
Expires: Wed, 17 May 2023 14:00:00 GMT
Last-Modified: Wed, 17 May 2023 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 53
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c88c76bcd58fac4-OSL
|
|
| cdn.wildfungames.com/land/rou/img/spin_bg_desk.png | 104.26.4.134 | | 110 kB |
URL: cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
IP: 104.26.4.134:0
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: PNG image data, 870 x 650, 8-bit colormap, non-interlaced\012- data
Size: 110 kB (110359 bytes)
Hash: eafcb5a49ddbee590cfe266b1b0c8820 254de127e096c137b1a8c8e62cf3c96b7c6492e5 da07ed253e14bcf56880e11d0eddb2276a7da9b4f679d49fb17976b97b81172b
GET /land/rou/img/spin_bg_desk.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:57 GMT
content-type: image/png
content-length: 110359
etag: "eafcb5a49ddbee590cfe266b1b0c8820"
last-modified: Fri, 27 Jan 2023 14:03:36 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrPsQ0qozLabyUPn7NzOKxqKPOt%2FwLrF3M3Ba6mb2tnwFiKQ35R%2F8fhNM9TeauHHEcdTouDWxZUuQEn76lfUFmA9Y5CrRIRlCKozPt%2FeVat82ZJyEkZ3elunIgow9OKtvYqbxAzK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76c1e1cb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.wildfungames.com/land/rou/img/spin_Roulette02.png | 104.26.4.134 | 200 OK | 35 kB |
URL: GET HTTP/3 cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: PNG image data, 434 x 434, 8-bit colormap, non-interlaced\012- data
Hash: 320aa52aa7ccfde051920d20967e0baa 7a6dc94d3aa311664e94d1259322f081b2f074f7 673f4069c0d4e4e256cd84e482cfc0e60fa76547aa6f62578b3f47c60299d4c1
GET /land/rou/img/spin_Roulette02.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:57 GMT
content-type: image/png
content-length: 35051
etag: "320aa52aa7ccfde051920d20967e0baa"
last-modified: Fri, 27 Jan 2023 19:45:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqPWl2%2F4j3oc32Se%2BHgTyHWYPj6fnOl%2Fyl1DdhKTHgU%2FcFdWnWXgVZnCg3dj6vf3TgY6pyxv5cqKkc5IEY5TK9RTEEwZYhn7DOS%2FvUucKohuCEMv%2BzbsE2NporKE3gChB0V9e2zY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76c5e2fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3 | 104.26.4.134 | 200 OK | 1.2 kB |
URL: GET HTTP/3 cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
Hash: cb6fb41521eaa67073568b2a55d1f30b 88cc4d14b87f77dc5429ab3624580ba2a8896cb8 2e6d72ec4b076ed8f7e09491312204dff0e816fd347c64c4b63ef684c4ecde96
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /land/rou/js2/default1.js?v=1.3 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: application/javascript
etag: W/"cb6fb41521eaa67073568b2a55d1f30b"
last-modified: Fri, 03 Mar 2023 09:09:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNYdo42HnRiTxlCF3P7vApfX9KGMERMqV%2Bn%2FXeT6rrgC0sKBczsSpQLiJyjCTpA%2BE3Ih1woVjHnnO2B0YF1L7X43UX9s93S1pRD2bsOGLGfGUCkNQ3zrM%2FbVM2mQdMqdAp7Zi1JG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76aad94b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js | 139.45.197.251 | | 15 kB |
URL: redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js
IP: 139.45.197.251:0
File type: C source, ASCII text, with very long lines (41979), with no line terminators
Hash: d44fd7b96fceca8f81b472766025d0d2 237541097413baf5cd3e703413f8bc9ea538a4db b6c7c1e7fb1a437f100bdcb253df8b0468f130835fbb82c5687505a099997d16
GET /pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 May 2023 03:29:57 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 14:20:13 GMT
etag: W/"645cf99d-a3fb"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1 | 104.26.4.134 | 200 OK | 11 kB |
URL: GET HTTP/3 cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: ASCII text, with very long lines (11334), with no line terminators
Hash: 20ff2d103a051f36069225e9bb9c87c0 eda19b305872d407fc62cb8d469d7a29b8b7b857 74c66b1c99c8c71ceb2bee5c74748060d22a2998389e7b4dd1080796252c0131
GET /land/rou/js2/propeller.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: application/javascript
etag: W/"20ff2d103a051f36069225e9bb9c87c0"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 7140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXw3J%2BYy4qBpDW%2BSitEPe8NODVoACdjVO4ourYWIGUez8UIdoRpW2woVjzkU3VfYAtM2a8A9z7tqzgravf4FWSiiG272Rmzeuvnw0Mfb75mYJbUJuG1WNZ8r1BiBU4jg7rJm9gR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76aad95b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1 | 104.26.4.134 | 200 OK | 3.7 kB |
URL: GET HTTP/3 cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: ASCII text, with very long lines (3786), with no line terminators
Hash: 8d6a9c61aa9517fef0c16a9cf5255196 85ea3d266321d3b0cca5ff48230c2c21754f063b 9a9710b587a45328a4f52e43be673c612bad889923e771d1b7fca462ead0dd87
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /land/rou/js2/winwheel_game.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:56 GMT
content-type: application/javascript
etag: W/"93ae375d5794d7efc5759847e616b870"
last-modified: Fri, 27 Jan 2023 19:45:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIKVIe%2FPgKH8GYnl6Uho%2FwU1T03ajjrLNO2hYUalkL%2FHpoFccKUQ2kZkfKChyORDvCFqSD9f0fTi%2B65FoG2zmPVOIV%2BGVWXMCekiRUtvFlUKpnhwX4pGL1xeu0shidpPkdQBuMpE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c88c76aad93b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| wildfungames.com/favicon.ico | 104.26.4.134 | 200 OK | 150 B |
URL: GET HTTP/3 wildfungames.com/favicon.ico
IP: 104.26.4.134:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: wildfungames.com
Certificate fingerprint: C4:79:84:45:AC:4F:BE:4F:C2:42:78:F1:B7:BF:1F:92:7A:D3:70:5D
Certificate validity: Thu, 04 May 2023 10:54:30 GMT - Wed, 02 Aug 2023 10:54:29 GMT
File type: MS Windows icon resource - 2 icons, 1x1, 2 colors, 1x1, 2 colors\012- data
Hash: b16ffe438aae1df8db0437e8466b9a2d 4891ca58b0df9d4b67f190eb5f6406f9dd188875 972206ec635266c0b99c42350817a834e92fbb64f1d7cbf5eb5ad7a26d7a41b9
GET /favicon.ico HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 May 2023 03:29:57 GMT
content-type: image/x-icon
last-modified: Mon, 15 May 2023 10:53:53 GMT
etag: W/"64620f41-96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0e%2BVdbZZCq4Z6Ufx3XzQD49jl8NNMXC6ZUB%2FZs1lUKp9yocyGvxZmKPEEhDl0PuwJN4TY9%2Fwd7zlOosAVO15%2BKdZn9FKgYSDmVTJpqAkTZfKhgTxiFp2i8bVhYbr699mks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c88c76d0e86b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP: 139.45.197.251:443
Requested by: https://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc0d016118acea04695fbe26908dd18
Certificate issuer: Let's Encrypt
Certificate subject: redrotou.net
Certificate fingerprint: 82:26:70:97:A6:64:2B:0D:51:75:05:03:52:AE:BE:EB:6C:F4:95:D6
Certificate validity: Thu, 02 Mar 2023 05:25:16 GMT - Wed, 31 May 2023 05:25:15 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wildfungames.com
DNT: 1
Connection: keep-alive
Referer: https://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 17 May 2023 03:29:57 GMT
content-length: 0
x-trace-id: e2f6dc268b8fad2ee740c51f50c18eed
access-control-allow-origin: https://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|