Report - wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920

Report Overview

URL

wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
IP

104.26.5.134

ASN

#13335 CLOUDFLARENET
Submitted

2023-04-13T05:54:49Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

5

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
code.jquery.com (1)	634	2012-05-21 19:28:02	2023-04-13 06:35:10	433	31333	69.16.175.42
ocsp.sectigo.com (2)	487	2019-11-29 12:50:24	2023-04-12 23:41:59	660	1928	172.64.155.188
redrotou.net (2)	145989	2021-03-16 06:03:50	2023-04-13 03:03:28	878	15450	139.45.197.251
cdn.jsdelivr.net (2)	439	2012-09-30 02:15:09	2023-04-13 03:35:26	945	247291	185.244.209.62
wildfungames.com (3)	unknown	2016-11-21 04:51:35	2023-04-12 05:31:30	1323	3973	172.67.70.29
cdn.wildfungames.com (10)	unknown	2023-01-27 13:57:21	2023-04-12 16:56:59	4328	219303	104.26.4.134

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-13	medium	cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3
2023-04-13	medium	cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
2023-04-13	medium	cdn.wildfungames.com/land/rou/js2/confetti.js?v=1.3
2023-04-13	medium	cdn.wildfungames.com/land/rou/css/default.min.css?v=1
2023-04-13	medium	wildfungames.com/sw-check-permissions-93246.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (20)

URL IP Response Size

wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920

172.67.70.29

200 OK

1508

URL User Request GET HTTP/1.1

wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
IP

172.67.70.29:80
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

1508
Hash

8f7fcaf4c2f39983bd24e6c8c07e2f1c

44fa9078ae1a6c56995c2f18991a39db9f38ac04

2eefef3b4897c3097cff2d770e06a64babe9a09b250045c05b140f8d61dd8fbd

HTTP Headers

                                        GET /land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920 HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
cache-control: no-cache, private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv3e8bmRj1IrhjP3pCfdRJa%2FyK%2FvJhBcQFm3t1qhUIqM8vnLwbA4rAfC82XbkDmV3D%2FgEbHx%2Bi7Lf35wQx5s1NXG5cT6G3DnG0X4THMtciUXG1KjrBf%2B5j4TJmy0yLASJeY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b71748368a0b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1

104.26.4.134

200 OK

3377

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/js2/propeller.min.js?v=1
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (11334), with no line terminators

Size

3377
Hash

2e5fd92be5b702ec0be7b381c2c76e49

7fc09db77b67cf82285a2eaf52b7d2a126893663

4fa34a85b0ee0d3daa6988527b7b6a4d9eccd493f54a96f7e0a05fa0d5d1130d

HTTP Headers

                                        GET /land/rou/js2/propeller.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"20ff2d103a051f36069225e9bb9c87c0"
Last-Modified: Fri, 27 Jan 2023 19:45:45 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6658
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr9ccyItP45oGoPkhq7J3RP%2FVb7J3G%2BcyqIYH2IKs%2Bd3obtmsN7CjuoFST6d6h3FRl54RNuFGncdWEboWyD3ckDqKxqFMaEWfWgtgaNPS0XB39sYrhYkTaDAOQUursibjcBkbQvl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b71748709b3b512-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3

104.26.4.134

200 OK

708

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/js2/default1.js?v=1.3
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text

Size

708
Hash

868539b299e3d222198ce4584bff42d5

92281f722de18aec454f3655779bdbbcdfaff707

de0e3ca83bb57b6c72a0653de7103346f4a266dbcf79d3af2547c09a6cdabd43

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/js2/default1.js?v=1.3 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"cb6fb41521eaa67073568b2a55d1f30b"
Last-Modified: Fri, 03 Mar 2023 09:09:59 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3114
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djCIR%2B%2B8cspsvEeqLUtimQEasew1LdXGyH%2Fas0AyIXMXKxiYzd87pRWtHZQzk4Qe%2Fm5QlhKbC4z4iX4Y6ncRekFJmIwhSZtqBeDJG4dzWODhun8ZZPZeyp%2FwgWfnkRSmqfUOEUXf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b7174871978fac4-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1

104.26.4.134

200 OK

1360

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/js2/winwheel_game.min.js?v=1
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (3694), with no line terminators

Size

1360
Hash

e8b1f90201cd46bfd3dc724c717a33e1

739f1e9d9673d2aa6e4de5bf0b46103854d6bda2

6b06ad34e47a22c70eddc60bd007de63dfe2928a1323c3e85cb76ef7c574f082

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/js2/winwheel_game.min.js?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"93ae375d5794d7efc5759847e616b870"
Last-Modified: Fri, 27 Jan 2023 19:45:45 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6657
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9RFRna1PqpCzet4Kmj33xlhwLdVKAn3vt%2BDaca818ZEq9ATVwQWqy4mMBJZDz3eF9afOBkxMVgqHl7tGoAmG0%2BoGgeH2R9VgXKaUTBERBuGoy3e9L3foQsV3PDa3sduFNC3YoLu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b7174871db5b500-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/js2/confetti.js?v=1.3

104.26.4.134

200 OK

1861

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/js2/confetti.js?v=1.3
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text

Size

1861
Hash

2526419743133ede6a0b7ea45e33d563

3b66e3ff3ff840449cc5b5e40aafc8008b15e9ea

d25b51238af48538cd3ef9d80712e04f751c882efd7b70e41ce7c719bfe2e5c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/js2/confetti.js?v=1.3 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"594e7bd784c66babe7dd35e2cf498f14"
Last-Modified: Fri, 27 Jan 2023 19:45:44 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2826
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba5uqOpYPvLvtM1sB42SROcdWwSSqsnhvXMY2I5fIGbzvu%2Bq9m0XJLT9Nt1XnJSi4lBXYm%2BHBrDCDildV3QZiUb6l6QjKnQRBNe9c978mvxFwIYoToAFwwkt0i18E09wMzsBRT0V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b7174872c960b41-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/css/default.min.css?v=1

104.26.4.134

200 OK

1248

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/css/default.min.css?v=1
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (4431), with no line terminators

Size

1248
Hash

50330b27ab37012510258b86786ba759

30323f5a2fed4be78741ed7d6be027fcdc7ad19d

37c84a700f1e1ab7ca47ca811bc68176960ba1d7dee78c28eea3059b75d6d9ae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /land/rou/css/default.min.css?v=1 HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"c87a79b32fd06185ea1eabe4af153677"
Last-Modified: Fri, 27 Jan 2023 20:13:29 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6658
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IhbubUlYQ9I6GM87t6OsiGgNmA9RNt8yD0OARnQzA8B8Nqe93tZPFvBaj%2Fgg7pMPsbBLvap%2BG2SWM1vD%2BRxbHRSRgeBfh0g%2F7h5wC1t7DFwHBZSc3NljXH%2BSQ2Ri5qexKdTe7uh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b7174872be90b51-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

30875

URL GET HTTP/2

code.jquery.com/jquery-3.6.0.min.js
IP

69.16.175.42:443
ASN

#20446 STACKPATH-CDN

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerSectigo Limited

Subject*.jquery.com

Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83

ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (65447)

Size

30875
Hash

899f0189aaf034bbba5340f724d91dfa

210ea9de03968edb9d839ba4a0ce2d48666a8ab8

949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

                                        GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Thu, 13 Apr 2023 05:54:34 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681365274.dop012.sk1.t,1681365274.cds261.sk1.hn,1681365274.cds210.sk1.c
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

472

URL

ocsp.sectigo.com/
IP

172.64.155.188:0
ASN

#13335 CLOUDFLARENET

Magic

data

Size

472
Hash

2461afb1b3416d2f78d89d42f151cb94

23f854b4371957825f778c544851d7ffb44509a3

a72ef27ba0b5dad3f954bb3524e718295d44bfa89889909d2326e5dd57b1215e

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 23:49:56 GMT
Expires: Mon, 17 Apr 2023 23:49:55 GMT
Etag: "23f854b4371957825f778c544851d7ffb44509a3"
Cache-Control: max-age=409519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b717488997d0b31-OSL

ocsp.sectigo.com/

172.64.155.188

472

URL

ocsp.sectigo.com/
IP

172.64.155.188:0
ASN

#13335 CLOUDFLARENET

Magic

data

Size

472
Hash

2461afb1b3416d2f78d89d42f151cb94

23f854b4371957825f778c544851d7ffb44509a3

a72ef27ba0b5dad3f954bb3524e718295d44bfa89889909d2326e5dd57b1215e

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 23:49:56 GMT
Expires: Mon, 17 Apr 2023 23:49:55 GMT
Etag: "23f854b4371957825f778c544851d7ffb44509a3"
Cache-Control: max-age=409519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b7174889a720b06-OSL

cdn.wildfungames.com/land/rou/img/spin_Roulette01.png

104.26.4.134

200 OK

43403

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/img/spin_Roulette01.png
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data

Size

43403
Hash

6e422805365b1b64d8da6b0d29ae8c69

37d523943fb63f409cd9a6da32fb5d7663a692da

a0c05360734297aae902dc48ed95cd7d3d3f818897f111c54aae6f042428b665

HTTP Headers

                                        GET /land/rou/img/spin_Roulette01.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/png
Content-Length: 43403
Connection: keep-alive
ETag: "6e422805365b1b64d8da6b0d29ae8c69"
Last-Modified: Fri, 27 Jan 2023 12:51:52 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1302
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FLNzZPK5Odi%2FZrXPcLURCnQcAqujUkkQyaghO97PkTcXjJIZp2JdjFmrnC2eWmFVGJxEQy2lczhhKsW3tkXlhDWHwqtu1mmtEzDRXWDCmZw%2FRNJZL54sYtmKKwAZqVP1Idl%2FvJI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b717489ee7e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/img/spin_Roulette00.png

104.26.4.134

200 OK

12991

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/img/spin_Roulette00.png
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

PNG image data, 170 x 190, 8-bit/color RGBA, non-interlaced\012- data

Size

12991
Hash

834a8095777aee926381dd13a5a8b3ab

c0f06099eea950232f33e02355d84dda44a6e35e

589d62b11a4171fb3a9b7c97b6963447601e36f8c2dcb36370dce75f5bd9687e

HTTP Headers

                                        GET /land/rou/img/spin_Roulette00.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/png
Content-Length: 12991
Connection: keep-alive
ETag: "834a8095777aee926381dd13a5a8b3ab"
Last-Modified: Fri, 27 Jan 2023 19:45:39 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 241
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7x%2F7p8bkaqcPcB%2BkWDT565GXmi9QkDHxzlNZUdbGzDxBT4MbNyMsijqlsZaQM1ij%2B0GZDP6gVeUndrGvfwTmw8EvratQbFRmcY8SRCixcNTaK8Zm3%2FEPpAPPKD00AupZl6p9Isfw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b717489ed98b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/img/spin_Roulette03.png

104.26.4.134

200 OK

1316

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/img/spin_Roulette03.png
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

PNG image data, 269 x 138, 8-bit/color RGBA, non-interlaced\012- data

Size

1316
Hash

5e45d498bdb0b010e058b92e5d5097ac

8a1b41ef4c12fc85b4e4c7d28e3fcf48774054f7

9e860a039b138a3e94b704ff4aae7896c678d88d3c5e1ab2d08e3af5ceecdee6

HTTP Headers

                                        GET /land/rou/img/spin_Roulette03.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/png
Content-Length: 1316
Connection: keep-alive
ETag: "5e45d498bdb0b010e058b92e5d5097ac"
Last-Modified: Fri, 27 Jan 2023 12:51:53 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6631
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcfIpD5FJfxou8e8uOyWczeKC9bN8g3Hn7c9BW%2BAgkh0WKItySiJJUg8JCXC%2FwVTfeSqFwxwTC9u9hjMM6wi7cQdl3VotK1FjXvd3TxhuRnYpvr8QyAsBqgnDOvgCGdR4JDSp%2BMH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b717489e8b1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/img/spin_bg_desk.png

104.26.4.134

200 OK

110359

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/img/spin_bg_desk.png
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

PNG image data, 870 x 650, 8-bit colormap, non-interlaced\012- data

Size

110359
Hash

eafcb5a49ddbee590cfe266b1b0c8820

254de127e096c137b1a8c8e62cf3c96b7c6492e5

da07ed253e14bcf56880e11d0eddb2276a7da9b4f679d49fb17976b97b81172b

HTTP Headers

                                        GET /land/rou/img/spin_bg_desk.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/png
Content-Length: 110359
Connection: keep-alive
ETag: "eafcb5a49ddbee590cfe266b1b0c8820"
Last-Modified: Fri, 27 Jan 2023 14:03:36 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 241
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EuR6XouOKz4xq5192YTS5T4F78IKMI7BqJcyZ8N6ONAZqWhReFvdzNz4lX0%2B7A%2Fxh0o1F5BpIbsFp1QJB1IWCE3hZ%2BY7t1OGsAcrrTsOIdwfO%2BWiXoo%2F60daGTNbLtEuklev3V6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b71748a3ee80b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.wildfungames.com/land/rou/img/spin_Roulette02.png

104.26.4.134

200 OK

35051

URL GET HTTP/1.1

cdn.wildfungames.com/land/rou/img/spin_Roulette02.png
IP

104.26.4.134:443
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerCloudflare, Inc.

Subjectcdn.wildfungames.com

Fingerprint12:07:77:64:D4:18:2D:3F:F1:FF:29:E7:5A:87:26:4A:BE:78:4D:1B

ValidityFri, 27 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

PNG image data, 434 x 434, 8-bit colormap, non-interlaced\012- data

Size

35051
Hash

320aa52aa7ccfde051920d20967e0baa

7a6dc94d3aa311664e94d1259322f081b2f074f7

673f4069c0d4e4e256cd84e482cfc0e60fa76547aa6f62578b3f47c60299d4c1

HTTP Headers

                                        GET /land/rou/img/spin_Roulette02.png HTTP/1.1
Host: cdn.wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/png
Content-Length: 35051
Connection: keep-alive
ETag: "320aa52aa7ccfde051920d20967e0baa"
Last-Modified: Fri, 27 Jan 2023 19:45:41 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 240
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJDX4pvq%2FxMX3MfKQbWdGZk%2BVe9%2B%2BBVSMYzc16cSljp9qzSADCktuOiGPF4HjxzKMXm1r4PPDH3VflNMJSqKbMaBIzexBWNKAOLhQTP597DhHvgatXLUaN1igdjKlsAUI1T0phl5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b71748a7f260b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js

139.45.197.251

200 OK

14718

URL GET HTTP/1.1

redrotou.net/pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js
IP

139.45.197.251:80
ASN

#9002 RETN Limited

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920

Magic

C source, ASCII text, with very long lines (41570), with no line terminators

Size

14718
Hash

8a747bb6c8f74cf80d495b694d870971

fec181e60c6c982d8303539d9df704660022052b

5cab5900ba9e24b8389ac62421aaa9cd3a8cfa0c47f647f93bb3ee368c1ab392

HTTP Headers

                                        GET /pfe/current/micro.tag.min.js?z=5759760&sw=/sw-check-permissions-93246.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wildfungames.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: application/javascript
Last-Modified: Tue, 11 Apr 2023 14:26:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"64356e1f-a262"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip

wildfungames.com/favicon.ico

172.67.70.29

200 OK

URL GET HTTP/1.1

wildfungames.com/favicon.ico
IP

172.67.70.29:80
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920

Magic

MS Windows icon resource - 2 icons, 1x1, 2 colors, 1x1, 2 colors\012- data

Size

62
Hash

70515ac92cadd905fa8fecef584d0083

c50b7f0f44d82b3f7dc4aff73145371232b0f703

03901e6846adfc7d2216e031eab780e4605c70d24af897afda998c40b53a3d30

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 12 Apr 2023 08:52:11 GMT
etag: W/"6436713b-96"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2303
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TIVhqh5LkGlw%2FLMDjMnL%2Bz0MdFvRbPYESj8qQ%2BLpTL%2BllBXkBR78xxSYf3UpYFyUcb%2BnM%2BQnup4g3ThZVS%2FlZCR98dIX27fCRdDKjWmijBBM3PO%2BJtkNVNkmUfOHmuZeFQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b71748af9eab4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

wildfungames.com/sw-check-permissions-93246.js

172.67.70.29

200 OK

293

URL GET HTTP/1.1

wildfungames.com/sw-check-permissions-93246.js
IP

172.67.70.29:80
ASN

#13335 CLOUDFLARENET

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920

Magic

Java source, ASCII text

Size

293
Hash

ec208c8136cd07ae2ba78fd5b53a3fc5

0619c767616df2274786ddd89dd1625199adc850

80a5a536319cdec5aa7e9bbc2417f3e548d890b8f37f529ffd38f52b9d4d7518

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /sw-check-permissions-93246.js HTTP/1.1
Host: wildfungames.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 05:54:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 12 Apr 2023 08:52:11 GMT
vary: Accept-Encoding
etag: W/"6436713b-236"
content-encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2303
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmUp65t5fKtrYCrJ%2BA2vwzhxo98IerYhQpkyajor1R0e88NC7P7A1uzZKAJI4qbeV2cZgLBS20%2Bh3sac4YjxduZTvnc0otkslm%2F29WNmcFaws6i11Vk08uyYO4NX0phRfcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b71748b2a29b4ed-OSL
alt-svc: h2=":443"; ma=60

redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

200 OK

URL POST HTTP/2

redrotou.net/zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP

139.45.197.251:443
ASN

#9002 RETN Limited

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerLet's Encrypt

Subjectredrotou.net

Fingerprint82:26:70:97:A6:64:2B:0D:51:75:05:03:52:AE:BE:EB:6C:F4:95:D6

ValidityThu, 02 Mar 2023 05:25:16 GMT - Wed, 31 May 2023 05:25:15 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        POST /zone?&pub=0&zone_id=5759760&is_mobile=false&domain=wildfungames.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                        HTTP/2 200 OK
server: nginx
date: Thu, 13 Apr 2023 05:54:35 GMT
content-length: 0
x-trace-id: 67c1e2a9cd4e7bc13dba0f71e50bc3cf
access-control-allow-origin: http://wildfungames.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

185.244.209.62

200 OK

161409

URL GET HTTP/2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP

185.244.209.62:443
ASN

#58286 Electric-IT Business S.R.L.

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerSectigo Limited

Subjectcdn.jsdelivr.net

Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC

ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (65326)

Size

161409
Hash

d432e4222814b62dd30c9513dcc29440

2cac4afc120983921411296bd4e8fd8a94ba237e

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

HTTP Headers

                                        GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
date: Thu, 13 Apr 2023 05:54:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-03-14T12:14:47+00:00, 2023-03-14T12:17:59+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

185.244.209.62

200 OK

84378

URL GET HTTP/2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP

185.244.209.62:443
ASN

#58286 Electric-IT Business S.R.L.

Requested by

http://wildfungames.com/land/rou?campaign=ThIi&utm_campaign=ThIi&web=1&tcode=plc02f3cb0595e569cf24fbfb45d9920
Certificate

IssuerSectigo Limited

Subjectcdn.jsdelivr.net

Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC

ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (65299)

Size

84378
Hash

f81d0a1705048649befc8b595e455a94

aec551e4d573463088fca7d14fb644eb389f1839

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

HTTP Headers

                                        GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildfungames.com
Connection: keep-alive
Referer: http://wildfungames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
date: Thu, 13 Apr 2023 05:54:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-03-14T12:14:53+00:00, 2023-03-14T12:17:39+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

#1 JS:Script (size: 41570)

#2 JS:Script (size: 120)

#3 JS:Script (size: 11334)

#4 JS:Script (size: 2393)

#5 JS:Script (size: 561)

#6 JS:Script (size: 3694)

#7 JS:Script (size: 6566)

#8 JS:Script (size: 89501)

#9 JS:Script (size: 84378)

#10 JS:Script (size: 301)

HTTP Transactions (20)

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

Magic

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

Magic

Size

Hash

Detections