Report - www.weeklygamejam.com/lest-test.3.1.2.zip

Report Overview

Visited public
2025-05-10 23:35:39
Tags
Submit Tags
URL
www.weeklygamejam.com/lest-test.3.1.2.zip
Finishing URL
www.weeklygamejam.com/lest-test.3.1.2.zip
IP / ASN
38.38.246.3
#398478 PEG-HK
Title
404

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.weeklygamejam.com	unknown	2024-09-26	2025-05-02	2025-05-02	1.9 kB	3.6 kB	38.38.246.3
hm.baidu.com	8254	1999-10-11	2012-05-26	2025-05-07	2.2 kB	62 kB	14.215.183.79
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-07	442 B	366 kB	142.250.74.168
code.jqueryhtml.com	unknown	unknown	No data	No data	446 B	3.0 kB	104.21.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-10	medium	weeklygamejam.com	Sinkholed
2025-05-10	medium	weeklygamejam.com	Sinkholed
2025-05-10	medium	weeklygamejam.com	Sinkholed
2025-05-10	medium	weeklygamejam.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	37 B	2023-04-11	2025-07-02
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-07-02 21:35 Times Seen39610 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	295 B	2025-05-10	2025-05-10
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash b1695387c48ec20939f809115da82d49 57a0b21d474bcebca41afacecb863574a88b80e1 92a6edca7982427cd2987dc3a41e97edc71c287085f42adb92b85001b8e3c0d6 Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	296 B	2025-05-10	2025-05-10
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash 8dde4983fc40fbc9139d46f7d1080686 25751972c3354f07daf39edac0e5e1b728db81ef 3d72d08cf791b5056cd985800e3ffcc04d551f2e4f64fe117463bfa36de9939e Loading...

	hm.baidu.com/hm.js?1f407fee808bd414e311105ae4ce100e	ScriptElement	30 kB	2025-05-10	2025-05-10
Pretty URL hm.baidu.com/hm.js?1f407fee808bd414e311105ae4ce100e IP 14.215.183.79 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash c7a55c5b58f6e617ce51f7b4f2b5235f 2631fd7df8326e247490c82a51ff6a37e1e8bc85 f579aaa896881d017bdce5ec9c68e37573544866c0eba8b1e8b8837cc9c729ad Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	ScriptElement	290 B	2025-05-10	2025-06-18
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 23:35 Last Seen2025-06-18 19:58 Times Seen93 Hash f978d15d3ff353bc1288c50ea5fce2a0 41ca3d5a0b3da5a13fc23b4c2ab5430f89c9629d 8ce43ac66178c273d38d6111e3e2627ea004c97ef25a63dd2f3a9946d5783f01 Loading...

	code.jqueryhtml.com/ajax/libs/jquery/3.8.1/jquery.js	ScriptElement	2.3 kB	2025-05-10	2025-05-10
Pretty URL code.jqueryhtml.com/ajax/libs/jquery/3.8.1/jquery.js IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash c28b03cf187bd8923d0f6652cdffbaa7 9e945a75e9e883e65364d3cc29c14b3e90588089 585c23221accec07d1d0c85a5065a166df7d27dbfdf4a1c47bf430202d759a2c Loading...

	www.googletagmanager.com/gtag/js?id=G-HRPXFX2SMR	ScriptElement	365 kB	2025-05-10	2025-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-HRPXFX2SMR IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash eff59da970e6630c9a4f3e4f4328abc4 a8c3ef9e707cb72d86baa3e2baaa48dfe3fdc287 6d1f21e0f41ae31d114ef651da920df78feb837b29e8e91c4274c8d84188f7dd Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	37 B	2023-04-11	2025-07-02
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-07-02 21:35 Times Seen39610 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	hm.baidu.com/hm.js?b02339e46f047b26d7adb7f56456681d	ScriptElement	30 kB	2025-05-10	2025-05-10
Pretty URL hm.baidu.com/hm.js?b02339e46f047b26d7adb7f56456681d IP 14.215.183.79 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 23:35 Last Seen2025-05-10 23:35 Times Seen1 Hash aa3f48c3361cd8681808408d477c4222 892e93447e8193ed8d50c161da1383182f761590 00858c1210e047ef1528b76fa17c6c36b66e1af83c2f9c9cc8f73b0d3dbcd912 Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	37 B	2023-04-11	2025-07-02
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-07-02 21:35 Times Seen39610 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	www.weeklygamejam.com/lest-test.3.1.2.zip	Function	37 B	2023-04-11	2025-07-02
Pretty URL www.weeklygamejam.com/lest-test.3.1.2.zip IP 38.38.246.3 ASN #398478 PEG-HK Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-07-02 21:35 Times Seen39610 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

HTTP Transactions (10)

URL IP Response Size

GET www.weeklygamejam.com/favicon.ico

38.38.246.3

404 Not Found

481 B

URL GET
www.weeklygamejam.com/favicon.ico
IP
38.38.246.3:443
ASN
#398478 PEG-HK

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerLet's Encrypt
Subjectweeklygamejam.com
Fingerprint23:00:37:C2:9A:38:A2:0F:B3:0B:A3:22:80:C6:5B:B5:03:1A:6A:45
ValiditySat, 12 Apr 2025 08:46:38 GMT - Fri, 11 Jul 2025 08:46:37 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
481 B (481 bytes)
Hash
49c3dd5db3c3168f3f1c299c2faf3898
161d262926ee83601dd47edc6f06b2b842a1e5c4
32f3f58607dd81d0bed480c63277da4725a8ff264d684eac05dd7ff5b959d5cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.weeklygamejam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/lest-test.3.1.2.zip
Cookie: hasVisited178a=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 10 May 2025 23:34:46 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

GET hm.baidu.com/hm.js?1f407fee808bd414e311105ae4ce100e

14.215.183.79

200 OK

30 kB

URL GET
hm.baidu.com/hm.js?1f407fee808bd414e311105ae4ce100e
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
JavaScript source, ASCII text, with very long lines (621)
Size
30 kB (29897 bytes)
Hash
c7a55c5b58f6e617ce51f7b4f2b5235f
2631fd7df8326e247490c82a51ff6a37e1e8bc85
f579aaa896881d017bdce5ec9c68e37573544866c0eba8b1e8b8837cc9c729ad

HTTP Headers

GET /hm.js?1f407fee808bd414e311105ae4ce100e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11291
Content-Type: application/javascript
Date: Sat, 10 May 2025 23:35:13 GMT
Etag: 9d1492567b22b000000919fa90a16a1b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BBF650D0C32B2E36; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

GET www.googletagmanager.com/gtag/js?id=G-HRPXFX2SMR

142.250.74.168

200 OK

365 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-HRPXFX2SMR
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
365 kB (365334 bytes)
Hash
eff59da970e6630c9a4f3e4f4328abc4
a8c3ef9e707cb72d86baa3e2baaa48dfe3fdc287
6d1f21e0f41ae31d114ef651da920df78feb837b29e8e91c4274c8d84188f7dd

HTTP Headers

GET /gtag/js?id=G-HRPXFX2SMR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 May 2025 23:35:11 GMT
expires: Sat, 10 May 2025 23:35:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 123440
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET hm.baidu.com/hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=477571131&si=b02339e46f047b26d7adb7f56456681d&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404

14.215.183.79

200 OK

43 B

URL GET
hm.baidu.com/hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=477571131&si=b02339e46f047b26d7adb7f56456681d&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=477571131&si=b02339e46f047b26d7adb7f56456681d&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 10 May 2025 23:35:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E3668AA27634FAD6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

GET hm.baidu.com/hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2048755998&si=1f407fee808bd414e311105ae4ce100e&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404

14.215.183.79

200 OK

43 B

URL GET
hm.baidu.com/hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2048755998&si=1f407fee808bd414e311105ae4ce100e&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=F4F5954462E5D9F6&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2048755998&si=1f407fee808bd414e311105ae4ce100e&v=1.3.2&lv=1&sn=19154&r=0&ww=1280&u=https%3A%2F%2Fwww.weeklygamejam.com%2Flest-test.3.1.2.zip&tt=404 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 10 May 2025 23:35:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=087CBA8E8AEF197C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

GET code.jqueryhtml.com/ajax/libs/jquery/3.8.1/jquery.js

104.21.96.1

200 OK

2.3 kB

URL GET
code.jqueryhtml.com/ajax/libs/jquery/3.8.1/jquery.js
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGoogle Trust Services
Subjectjqueryhtml.com
Fingerprint2C:83:4A:F0:11:19:67:33:8F:CC:79:4A:F4:E1:CC:07:A3:46:76:52
ValidityFri, 02 May 2025 21:48:03 GMT - Thu, 31 Jul 2025 22:46:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1139)
Size
2.3 kB (2312 bytes)
Hash
c28b03cf187bd8923d0f6652cdffbaa7
9e945a75e9e883e65364d3cc29c14b3e90588089
585c23221accec07d1d0c85a5065a166df7d27dbfdf4a1c47bf430202d759a2c

HTTP Headers

GET /ajax/libs/jquery/3.8.1/jquery.js HTTP/1.1
Host: code.jqueryhtml.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 23:35:11 GMT
content-type: application/javascript
server: cloudflare
last-modified: Sat, 10 May 2025 19:39:44 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: W/"681fab80-908"
expires: Sun, 11 May 2025 08:53:22 GMT
cache-control: max-age=43200
content-encoding: gzip
age: 9709
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=o5XpDRwXxoelMGo5iV08tHJ8zIf9BCNBJ96dBe0aRCT%2BOrj7eyNJL4dNwsQFq0hFI1nW1ErWOczgqEFrk%2BAIMTnyjlmkLtrgLzMKAmWwO1yFQ0fiD0OkfzvWtgPXLZxBgiLnCvVb"}]}
cf-ray: 93dd40682a291c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.weeklygamejam.com/lest-test.3.1.2.zip

38.38.246.3

301 Moved Permanently

788 B

URL User Request GET
www.weeklygamejam.com/lest-test.3.1.2.zip
IP
38.38.246.3:80
ASN
#398478 PEG-HK

File type

Size
788 B (788 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lest-test.3.1.2.zip HTTP/1.1
Host: www.weeklygamejam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 May 2025 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.weeklygamejam.com/lest-test.3.1.2.zip
Strict-Transport-Security: max-age=31536000

GET www.weeklygamejam.com/lest-test.3.1.2.zip

38.38.246.3

404 Not Found

788 B

URL User Request GET
www.weeklygamejam.com/lest-test.3.1.2.zip
IP
38.38.246.3:443
ASN
#398478 PEG-HK

Certificate
IssuerLet's Encrypt
Subjectweeklygamejam.com
Fingerprint23:00:37:C2:9A:38:A2:0F:B3:0B:A3:22:80:C6:5B:B5:03:1A:6A:45
ValiditySat, 12 Apr 2025 08:46:38 GMT - Fri, 11 Jul 2025 08:46:37 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (307), with CRLF, LF line terminators
Size
788 B (788 bytes)
Hash
83f63f7daf5e26552f0883981f97fe35
e09efdd35249bb12bc59266968445c68854d06de
2af0a6efa65067928215f37155aa7bdd98131e3c59c407e2a213ff12bb6d71ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lest-test.3.1.2.zip HTTP/1.1
Host: www.weeklygamejam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 10 May 2025 23:34:46 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

GET hm.baidu.com/hm.js?b02339e46f047b26d7adb7f56456681d

14.215.183.79

200 OK

30 kB

URL GET
hm.baidu.com/hm.js?b02339e46f047b26d7adb7f56456681d
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://www.weeklygamejam.com/lest-test.3.1.2.zip
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
JavaScript source, ASCII text, with very long lines (624)
Size
30 kB (29900 bytes)
Hash
aa3f48c3361cd8681808408d477c4222
892e93447e8193ed8d50c161da1383182f761590
00858c1210e047ef1528b76fa17c6c36b66e1af83c2f9c9cc8f73b0d3dbcd912

HTTP Headers

GET /hm.js?b02339e46f047b26d7adb7f56456681d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.weeklygamejam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11294
Content-Type: application/javascript
Date: Sat, 10 May 2025 23:35:13 GMT
Etag: 222304f9a5dd79d913ed5a78f48da4f7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F4F5954462E5D9F6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

GET www.weeklygamejam.com/lest-test.3.1.2.zip

38.38.246.3

404 Not Found

788 B

URL User Request GET
www.weeklygamejam.com/lest-test.3.1.2.zip
IP
38.38.246.3:443
ASN
#398478 PEG-HK

Certificate
IssuerLet's Encrypt
Subjectweeklygamejam.com
Fingerprint23:00:37:C2:9A:38:A2:0F:B3:0B:A3:22:80:C6:5B:B5:03:1A:6A:45
ValiditySat, 12 Apr 2025 08:46:38 GMT - Fri, 11 Jul 2025 08:46:37 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (307), with CRLF, LF line terminators
Size
788 B (788 bytes)
Hash
83f63f7daf5e26552f0883981f97fe35
e09efdd35249bb12bc59266968445c68854d06de
2af0a6efa65067928215f37155aa7bdd98131e3c59c407e2a213ff12bb6d71ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lest-test.3.1.2.zip HTTP/1.1
Host: www.weeklygamejam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 10 May 2025 23:34:45 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML