Report - netcdn.co/app/431946152/roblox-free-clothes-hack-2021-game-hack

Report Overview

Submitted URL
netcdn.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
IP
91.223.82.61
ASN
#199968 Iws Networks LLC
Submitted
2022-12-07 05:47:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	11 kB	142.250.74.106
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	807 B	216.58.211.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	34.102.187.140
gaminghelper.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	265 kB	91.223.82.61
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	46 kB	216.58.207.227
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	4.6 kB	142.250.74.138
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	183 B	149.56.240.31
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
netcdn.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	572 B	91.223.82.61
is1-ssl.mzstatic.com	1597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	13 kB	23.38.200.24
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	1.2 kB	192.0.77.2
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	1.7 kB	142.250.74.35
track.enigmacdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	91.223.82.61
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.7 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	142.250.74.131
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	788 B	84 kB	142.250.74.170
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	7.4 kB	104.18.11.207
downloadlocked.com	127304	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	5.5 kB	23.22.126.183
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	4.7 kB	46.105.201.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	gaminghelper.co/js/jquery.countTo.js	Phishing
2022-12-07	medium	gaminghelper.co/js/validator.min.js	Phishing
2022-12-07	medium	gaminghelper.co/js/com.js	Phishing
2022-12-07	medium	gaminghelper.co/js/sweetalert2.min.js	Phishing
2022-12-07	medium	gaminghelper.co/js/form-scripts.js	Phishing
2022-12-07	medium	gaminghelper.co/js/jquery.magnific-popup.min.js	Phishing
2022-12-07	medium	gaminghelper.co/js/sticky.js	Phishing
2022-12-07	medium	gaminghelper.co/js/main.js	Phishing
2022-12-07	medium	gaminghelper.co/fonts/bebasneue_bold-webfont.html	Phishing
2022-12-07	medium	gaminghelper.co/fonts/bebasneue_regular-webfont.html	Phishing
2022-12-07	medium	gaminghelper.co/fonts/et-line.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed
2022-12-07	medium	gaminghelper.co	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack	134 B	2023-03-07	2024-04-18
Pretty URL gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 16:44:47 Times Seen300 Hash 75606a24bd728e5d7d7256fbb679bc26 7bfbb31c174ab2a6f4c68c9852c8444c075eab43 9932726d2c87611c904eb0b04d822e785cd73f693838aa2cae3fc90a7d8d7746 Loading...

	gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack	536 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash e5b8ea1cfa205b2dac9f8a92205f59fa b128ca1db079d2e4c4b781ea52d16677b18a8f0d e511583166051fad920d844a259034a0186bc0287371ac576de4b33dfc1234ee Loading...

	track.enigmacdn.com/matomo.js	62 kB	2023-03-07	2024-03-21
Pretty URL track.enigmacdn.com/matomo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-21 00:53:25 Times Seen62 Hash d11aac5ce224776b3bf4b7f3830b5715 3f839e5521a7c2bb935398532d88ed0db6d7ef82 06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack	22 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-03-17 12:42:32 Times Seen1 Hash 8f1921eedeaf84979b94a5ee06db8361 6e986775e93672eab866417d2700167d0779523c 6ce4811a222a24eb818fb70f6adfc65138c800dc3118a733e143d624c4fb9fcb Loading...

	gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack	424 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 12:49:45 Times Seen1 Hash 78ba106660ccbf94e4396883aae7f529 ae295fb3fbe8c1306d8a3c268429d0360e82218b adf239ecfa137f53ba82a75fe82b26ed11768e184b8904d2f35655749ad5dd22 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.-1M3Gp9Xl7M.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq0ggZFoVeigagsNVCTXEiRqpVJTQ/m=el_main	212 kB	2023-03-08	2023-03-08
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.-1M3Gp9Xl7M.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq0ggZFoVeigagsNVCTXEiRqpVJTQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:54 Last Seen2023-03-08 21:11:40 Times Seen1 Hash 51cb27a01f4f4befa00bb995565e51ae f7fa7bca5937b82a38ceb7eed4c324e32b1ad549 13baec7e8be3c4f28a4f61dfa8a40ca67d7075d99ffc5f802d755a2f2878ea2f Loading...

	s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670392063651&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:194366786&@b3:1670392064&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&@w	51 B	2023-03-07	2023-03-12
Pretty URL s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670392063651&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:194366786&@b3:1670392064&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&@w IP 149.56.240.31 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:28 Last Seen2023-03-12 17:57:52 Times Seen1 Hash 6cf4c79c14fb638c0b4370867d5335e4 721c9f9a83f199fec33bd43ce6041bfd12c37a07 fec0dfe33d2c33dc3fa3d67f826177f894862df45d6233873f41e8c270a8587f Loading...

	gaminghelper.co/js/validator.min.js	6.1 kB	2023-03-07	2024-04-12
Pretty URL gaminghelper.co/js/validator.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-12 19:45:27 Times Seen915 Hash 81df0465f243a2e7b7b06b8ad6015173 996eb26bb4bdb44ed5257d048cedaf3ed0a6f90c c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1 Loading...

	gaminghelper.co/js/com.js	18 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/com.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 25da4b390ac3c74f08d94136ab818c4f 9f958878fd1eebaa29814ad9fb2ef2b0e64850ca 7c8c1910127d6819826ff82fadaa97c734c68e7b1dca436ab0e52ada016940cc Loading...

	gaminghelper.co/js/main.js	41 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/main.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:45 Times Seen1 Hash bede286c34301eb26586b72e75e78b04 9532a06f8a2e823a3e9bf2aad3db9e9ac68fd350 3bcd8ddbc045a523b9ee81867e298a40d75a2a2ecc53d44257f2487c50bbe02c Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js	200 kB	2023-03-07	2024-03-22
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-03-22 19:16:45 Times Seen485 Hash 234f1553c7d27cce512062c59800a9a8 b48e01c35c1e6ad622386b9a3161bd1bf02723c8 d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a Loading...

	downloadlocked.com/cl/js/114v1	2.8 kB	2023-03-07	2023-03-17
Pretty URL downloadlocked.com/cl/js/114v1 IP 23.22.126.183 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 1f988d013c5e133555235469c0c92616 d8b81b2e5f125680c977a6e296580e55088db6a9 82989a0b0aa7050c358cdac4edcedada2e6f58f02861418bfa375dd92a037f00 Loading...

	gaminghelper.co/js/jquery.countTo.js	3.8 kB	2023-03-07	2024-04-05
Pretty URL gaminghelper.co/js/jquery.countTo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-05 06:37:17 Times Seen457 Hash acad36d38da9f68c52bb074b2c478d0f 922c71c5699f9306a415a7a344be46d92e0fc4a1 00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2 Loading...

	gaminghelper.co/js/form-scripts.js	1.5 kB	2023-03-07	2024-01-23
Pretty URL gaminghelper.co/js/form-scripts.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-23 15:52:36 Times Seen12 Hash 1ed21b81ae655c54943ed33ea9109c4a 0aa5bc09f55ef28b87dba9025094ec8b2a9ed8a0 135922615df355461155701925a7534d9e94c0d0433160ffa68c100ed9524e14 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 19:46:55 Times Seen37045560 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gaminghelper.co/js/fancySelect.js	6.8 kB	2023-03-07	2024-01-29
Pretty URL gaminghelper.co/js/fancySelect.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-29 12:40:14 Times Seen59 Hash c74159f77d12d9998d8c173e153b7999 5dd2266cf7eb14f2967be6691b7ff0e393cba733 be013828b8a66ccdbdc65234532cfd4a04a73c7778a42d7b0bf952278846f1a2 Loading...

	gaminghelper.co/js/sweetalert2.min.js	20 kB	2023-03-07	2024-02-10
Pretty URL gaminghelper.co/js/sweetalert2.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-02-10 04:05:40 Times Seen448 Hash 0ad69b0e70b7da1bb8f8a96e9e6b5d9a 7d21a0c1f43d3edb47dd9e69b05243f3fcb53152 4051f26691def4eafcae32928be110c13d1819e544a12b0a9b95378bfaf9859b Loading...

	gaminghelper.co/js/jquery.magnific-popup.min.js	21 kB	2023-03-07	2024-04-24
Pretty URL gaminghelper.co/js/jquery.magnific-popup.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 12:02:58 Times Seen2403 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	76 kB	2023-03-08	2023-03-08
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:39:08 Last Seen2023-03-08 20:39:37 Times Seen1 Hash 40517253fb992ab65cb12246200691f1 4dc66776fd84939fdbc4a2656709b02e76177396 2d735d569daa271be9d45521059e75e36f00d09999ade26c00cfff4be8befc9f Loading...

HTTP Transactions (84)

URL IP Response Size

netcdn.co/app/431946152/roblox-free-clothes-hack-2021-game-hack

91.223.82.61

301 Moved Permanently

285 B

URL HTTP/1.1
netcdn.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
285 B (285 bytes)
Hash
d0d4a5ccc09ec24ab5c6156aa8eeb017
2d1f021dbb44f1621824d5fcc0e62fe9dd7a3329
bec1454d8ba3a2b7755f6a4fe403c6562354355b32ce0862b23689bb47f14721

HTTP Headers

GET /app/431946152/roblox-free-clothes-hack-2021-game-hack HTTP/1.1
Host: netcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 285
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8592
Expires: Wed, 07 Dec 2022 08:10:54 GMT
Date: Wed, 07 Dec 2022 05:47:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2743
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:42 GMT
Last-Modified: Wed, 07 Dec 2022 05:01:59 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8736
Expires: Wed, 07 Dec 2022 08:13:18 GMT
Date: Wed, 07 Dec 2022 05:47:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kB6SWS9l9FqAblyiFL25GwMZ6KX/98VYF8CX/jK2SaXgnGkyC1JDJy8j6fGfeLO+PVoaCU6uIoY=
x-amz-request-id: XEGAY0ESZFJJJ2TV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 04:49:14 GMT
age: 3508
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 05:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1634
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a6993735f24c3a251dde80d5f02f0d8
678ebfc798b523dfd09402a3a28cab650eeb3cb8
1f5e7a6f60f0d74868be69b00ce49814c4a6087dd081d1d40fa09708bf9062c4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F5E7A6F60F0D74868BE69B00CE49814C4A6087DD081D1D40FA09708BF9062C4"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Wed, 07 Dec 2022 06:57:45 GMT
Date: Wed, 07 Dec 2022 05:47:42 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:47:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20002 bytes)
Hash
433a2c7fe0b062efd5da0f3a5c1702aa
4b3835801db1f5c129cfc2eaea3ab226002219f4
5c0bf583a5805bf2504f620c633a783c9678b13b5f8d943456eb0f062871123b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /app/431946152/roblox-free-clothes-hack-2021-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a4acd48df178d17fa1c0d0b5efdbf934
4a26acacfa9dba379aca98007fbe6cc2baf0aba3
e1d1488a8815657e7c828976d26cc5d9727630cb966be27999e801213eb29e76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2435
Cache-Control: max-age=93252
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:42 GMT
Etag: "638ee8bf-116"
Expires: Thu, 08 Dec 2022 07:41:54 GMT
Last-Modified: Tue, 06 Dec 2022 07:01:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

gaminghelper.co/css/bootstrap.min.css

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/css/bootstrap.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (65371)
Size
20 kB (19597 bytes)
Hash
3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/magnific-popup.css

91.223.82.61

200 OK

2.0 kB

URL HTTP/1.1
gaminghelper.co/css/magnific-popup.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
2.0 kB (1994 bytes)
Hash
c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/css/sweetalert2.min.css

91.223.82.61

200 OK

2.7 kB

URL HTTP/1.1
gaminghelper.co/css/sweetalert2.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (13987), with no line terminators
Size
2.7 kB (2737 bytes)
Hash
1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/jquery.countTo.js

91.223.82.61

200 OK

1.1 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.countTo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.1 kB (1125 bytes)
Hash
547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/animate.css

91.223.82.61

200 OK

4.0 kB

URL HTTP/1.1
gaminghelper.co/css/animate.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
4.0 kB (4026 bytes)
Hash
48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/fancySelect.css

91.223.82.61

200 OK

1.0 kB

URL HTTP/1.1
gaminghelper.co/css/fancySelect.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.0 kB (1023 bytes)
Hash
458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

142.250.74.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32025)
Size
30 kB (29725 bytes)
Hash
83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421

HTTP Headers

GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 16:58:49 GMT
expires: Sun, 03 Dec 2023 16:58:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 305333
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/css/style.css

91.223.82.61

200 OK

8.5 kB

URL HTTP/1.1
gaminghelper.co/css/style.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1512)
Size
8.5 kB (8520 bytes)
Hash
4d36bdeba8bb00f4ee280771fddfa689
8dfbed7251f5bb010d5fe8f64e0d60abc3e9fd54
08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-bd7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/validator.min.js

91.223.82.61

200 OK

2.1 kB

URL HTTP/1.1
gaminghelper.co/js/validator.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (5862)
Size
2.1 kB (2094 bytes)
Hash
1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/com.js

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/js/com.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
C source, Unicode text, UTF-8 text, with very long lines (2456)
Size
3.3 kB (3265 bytes)
Hash
ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sweetalert2.min.js

91.223.82.61

200 OK

6.5 kB

URL HTTP/1.1
gaminghelper.co/js/sweetalert2.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (20305), with no line terminators
Size
6.5 kB (6538 bytes)
Hash
b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/form-scripts.js

91.223.82.61

200 OK

609 B

URL HTTP/1.1
gaminghelper.co/js/form-scripts.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
609 B (609 bytes)
Hash
4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/jquery.magnific-popup.min.js

91.223.82.61

200 OK

7.7 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.magnific-popup.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (21014)
Size
7.7 kB (7685 bytes)
Hash
12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sticky.js

91.223.82.61

200 OK

0 B

URL HTTP/1.1
gaminghelper.co/js/sticky.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a4acd48df178d17fa1c0d0b5efdbf934
4a26acacfa9dba379aca98007fbe6cc2baf0aba3
e1d1488a8815657e7c828976d26cc5d9727630cb966be27999e801213eb29e76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2436
Cache-Control: max-age=93252
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Etag: "638ee8bf-116"
Expires: Thu, 08 Dec 2022 07:41:55 GMT
Last-Modified: Tue, 06 Dec 2022 07:01:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/main.js

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/js/main.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (16162)
Size
15 kB (15195 bytes)
Hash
562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:42 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js

142.250.74.170

200 OK

52 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
52 kB (51711 bytes)
Hash
d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37

HTTP Headers

GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 04:05:42 GMT
expires: Tue, 05 Dec 2023 04:05:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 178921
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

6.5 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27303)
Size
6.5 kB (6496 bytes)
Hash
ceb65d5f18cc29680bc8e8beabda0046
e77cd743ea3d4465dbd9f1896cd42c51137ea221
dee52f82d0001ce89e75a49536ba91d933cecad36165cde11fd14f4242dfa8ea

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:47:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15836310
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775af7d8daa7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2a968eabc6cee919e075669d87b831b7
893ea41b0a46d2380200c3e10bca9cc160949bfa
5f9599db7547e4c6aa45741a8af4f75ebc649d5d264aa6e11864178e44d02b9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F9599DB7547E4C6AA45741A8AF4F75EBC649D5D264AA6E11864178E44D02B9B"
Last-Modified: Mon, 05 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Wed, 07 Dec 2022 06:25:55 GMT
Date: Wed, 07 Dec 2022 05:47:43 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2733
Cache-Control: max-age=101080
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:52:23 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e3a84ff69d450f8dbbb876b09c91e3fa
f0f8be05011a384bc38970a5cd162c9007ab3e2e
e8312d694cf22c6c03b5d6c2e1e1e9bf5bf15ae72dd4c561cf5b2cc08690cc97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1070
Cache-Control: max-age=126811
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Etag: "638f712c-1d7"
Expires: Thu, 08 Dec 2022 17:01:14 GMT
Last-Modified: Tue, 06 Dec 2022 16:43:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

is1-ssl.mzstatic.com/image/thumb/Purple122/v4/a4/fe/2c/a4fe2c4a-90b1-014e-659e-3a28a5c007f2/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg

23.38.200.24

200 OK

12 kB

URL HTTP/2
is1-ssl.mzstatic.com/image/thumb/Purple122/v4/a4/fe/2c/a4fe2c4a-90b1-014e-659e-3a28a5c007f2/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg
IP
23.38.200.24:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Size
12 kB (12213 bytes)
Hash
6eb1d304fa012decf9cd56a778a46362
5b33f46a6d05b4452b8982e6dd0fcb09e4f9919f
4c7ee20c33b270302f32b1de861d6d9f2166ecc180ee6e2bfeb31f9c3658a69c

HTTP Headers

GET /image/thumb/Purple122/v4/a4/fe/2c/a4fe2c4a-90b1-014e-659e-3a28a5c007f2/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12213
x-apple-jingle-correlation-key: MNOZ4TGAMVIWVVWVOH7Z6IO7Q4
x-apple-request-uuid: 635d9e4c-c065-516a-d6d5-71ff9f21df87
b3: 635d9e4cc065516ad6d571ff9f21df87-35bddc76829ce902
x-b3-traceid: 635d9e4cc065516ad6d571ff9f21df87
x-b3-spanid: 35bddc76829ce902
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 18 Nov 2022 23:10:35 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY4ODEzMDM1NDI0LGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTI5LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE148:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: ac34c857-c503-4762-a913-2e4cba71b436-2512119721
cache-control: no-transform, max-age=15124788
date: Wed, 07 Dec 2022 05:47:43 GMT
x-cache: TCP_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
X-Firefox-Spdy: h2

gaminghelper.co/img/robux.png

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/img/robux.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14564 bytes)
Hash
9c5420a8f8c55be36294fce245595dba
4b9a024b51a475b1b7514a7650ff684ec9323572
44e5a0923e6a0c2157435f215db9d3c2edf95408dfb3d87fa553830f582e24fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/robux.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 14564
Last-Modified: Fri, 03 Sep 2021 06:31:43 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14f-38e4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans:300,400,700

142.250.74.106

200 OK

10 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10049 bytes)
Hash
bb9815054fe9af80feb51d0d6e0f6cda
d4e93ccfc2b19170304171e0e21b755878ff007e
049a8f45c10b27d561e8e25dd50abeb3bf97e44701ddb9a1bf3a1b36ae1128f0

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 05:47:42 GMT
date: Wed, 07 Dec 2022 05:47:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/enigmanetwork.net/dmca.png

192.0.77.2

200 OK

668 B

URL HTTP/2
i0.wp.com/enigmanetwork.net/dmca.png
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
668 B (668 bytes)
Hash
fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f

HTTP Headers

GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:47:43 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

gaminghelper.co/img/pr-l.png

91.223.82.61

200 OK

7.5 kB

URL HTTP/1.1
gaminghelper.co/img/pr-l.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
7.5 kB (7453 bytes)
Hash
91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/panel-overlay.png

91.223.82.61

200 OK

3.1 kB

URL HTTP/1.1
gaminghelper.co/img/panel-overlay.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Size
3.1 kB (3116 bytes)
Hash
2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/pr-r.png

91.223.82.61

200 OK

11 kB

URL HTTP/1.1
gaminghelper.co/img/pr-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11003 bytes)
Hash
284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

downloadlocked.com/cl/js/114v1

23.22.126.183

200 OK

4.2 kB

URL HTTP/2
downloadlocked.com/cl/js/114v1
IP
23.22.126.183:0
ASN
#14618 AMAZON-AES

File type
data
Size
4.2 kB (4204 bytes)
Hash
ec63233112091f1a44e0ee96e723420a
f195509db554141cbda24433027cffffbaefb346
5b9d9256e7d0df08fad01cd3c419e773c25139799c127a2d47e606faa9776521

HTTP Headers

GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:47:43 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6ImhXSldjcU02bGlWSENBM0FoMnFFZFE9PSIsInZhbHVlIjoiL1laVWtVRi83ZWZjcjE0b2RpSkVkRU0wNmtYaVBoNnZ4U3hrejF5OVJHWWJkems1MS9BeEVncXUwbW5JeC80OUR4VEFUV0FpeXVUYy85YVdFQ2t6UXZ5a1A5Q1cwWXlYdFJZc2ZTT3AyVjVpUG82RUNVenNrV3dQS2N2RVZsMnEiLCJtYWMiOiIyZTAxYjc5ZmNhNmIwOTQ1MmIxYmUyOTNmMjM1MWRkMGI3N2E4ODE3YmRhNDIzYWM4Mjk0MzA3NDAwMjg5NDFjIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 01:47:43 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6IlR1Um5VaG5RekZUVFFMOFNIbGlHVFE9PSIsInZhbHVlIjoiODMzQkhHZUVrTGdacmxtM2pTbkM4NEVQTGJDdytYVHI2N2JVN2ovKzV4aE10YThPV3dtOUNya0wwSW5nMVkvczR1TUV5ZEthdVQxZ2Y2aVVXejJKYWFJTFZlbkF5ZThrWnJPVW8yZS90QktZM3JzSS8rT0lIZ2hWQSt1NjViNHciLCJtYWMiOiI1YTgwNzM5NTA0OGMwZGU3MDI5OWI2ZDA3MTMzYTI0N2U2MDNjNGUyODRlZWQwYzBlMjllZWYzZTNjZGQ2Njc0IiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 01:47:43 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2

gaminghelper.co/img/button-dot.png

91.223.82.61

200 OK

672 B

URL HTTP/1.1
gaminghelper.co/img/button-dot.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Size
672 B (672 bytes)
Hash
478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/button-dot.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 672
Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c132-2a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg-r.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1393 bytes)
Hash
bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/bebasneue_bold-webfont.html

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Size
15 kB (15216 bytes)
Hash
772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/btn-img.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/btn-img.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/fonts/bebasneue_regular-webfont.html

91.223.82.61

200 OK

16 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Size
16 kB (15948 bytes)
Hash
af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 125702
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/fonts/et-line.woff

91.223.82.61

200 OK

55 kB

URL HTTP/1.1
gaminghelper.co/fonts/et-line.woff
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format, CFF, length 55220, version 1.0\012- data
Size
55 kB (55220 bytes)
Hash
b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/et-line.woff HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: font/woff
Content-Length: 55220
Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c120-d7b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.138

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 05:15:29 GMT
expires: Wed, 07 Dec 2022 06:15:29 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 1934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8nixK59+Cpah4VV7Nr46LA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N6uPFGmum1i8t862RMBvUb3NLGI=

gaminghelper.co/close.png

91.223.82.61

200 OK

4.9 kB

URL HTTP/1.1
gaminghelper.co/close.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4878 bytes)
Hash
fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Brazil.png

91.223.82.61

200 OK

3.0 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Brazil.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (2994 bytes)
Hash
6d08e0dcdad5dad61bfe91e9fd10ec43
70a64b36bd71808e2bcb9a1e9b2fae4037f98185
9d7377e3b13cad3f234d2b82c45c9cc1f0bd91daf3ed419b5c2900d4fceebf96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Brazil.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: image/png
Content-Length: 2994
Last-Modified: Fri, 03 Sep 2021 06:32:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c167-bb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d7c4a5231d961669120c142261fa6a0
9bfbfa2776eb44bfe9670639f46eb0d73e44f92d
0bd4616ab9d8582c01daf0f707bdff80d3b8dafc24b9a241e495b2e5fd3369f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BD4616AB9D8582C01DAF0F707BDFF80D3B8DAFC24B9A241E495B2E5FD3369F1"
Last-Modified: Tue, 06 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21369
Expires: Wed, 07 Dec 2022 11:43:52 GMT
Date: Wed, 07 Dec 2022 05:47:43 GMT
Connection: keep-alive

track.enigmacdn.com/matomo.js

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
track.enigmacdn.com/matomo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1404)
Size
20 kB (20210 bytes)
Hash
8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881

HTTP Headers

GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/app/431946152/img/favicon-16x16.png

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/img/favicon-16x16.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20002 bytes)
Hash
433a2c7fe0b062efd5da0f3a5c1702aa
4b3835801db1f5c129cfc2eaea3ab226002219f4
5c0bf583a5805bf2504f620c633a783c9678b13b5f8d943456eb0f062871123b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /app/431946152/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93cd4106946bc499c4dbdfcab6ea7718
5628412fd5319f549699b48bc27ff0f2f334e6bd
9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B471A64F51D01DC302AD60957AD702F536D4E2682EE9A594FE2253E1101D909"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Wed, 07 Dec 2022 08:38:54 GMT
Date: Wed, 07 Dec 2022 05:47:43 GMT
Connection: keep-alive

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 10:58:45 GMT
expires: Wed, 06 Dec 2023 10:58:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 67738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:39:56 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 987301698
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670392063651&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:194366786&@b3:1670392064&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&@w

149.56.240.31

200 OK

51 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670392063651&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:194366786&@b3:1670392064&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&@w
IP
149.56.240.31:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
6cf4c79c14fb638c0b4370867d5335e4
721c9f9a83f199fec33bd43ce6041bfd12c37a07
fec0dfe33d2c33dc3fa3d67f826177f894862df45d6233873f41e8c270a8587f

HTTP Headers

GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670392063651&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:194366786&@b3:1670392064&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 05:47:44 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close

track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=016244&h=5&m=47&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&_id=e87808a9b23acb5b&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=FYGrWP&pf_net=187&pf_srv=39&pf_tfr=32&pf_dm1=782

91.223.82.61

204 No Response

0 B

URL HTTP/1.1
track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=016244&h=5&m=47&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&_id=e87808a9b23acb5b&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=FYGrWP&pf_net=187&pf_srv=39&pf_tfr=32&pf_dm1=782
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=016244&h=5&m=47&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-free-clothes-hack-2021-game-hack&_id=e87808a9b23acb5b&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=FYGrWP&pf_net=187&pf_srv=39&pf_tfr=32&pf_dm1=782 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Response
Server: nginx
Date: Wed, 07 Dec 2022 05:47:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:47:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:47:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:47:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:47:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:47:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6846 bytes)
Hash
a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 10:08:58 GMT
age: 70726
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
22e3174edbfe337cc29266cc38abb51e
80283cb298a1b2326620be406ee3daa42ee0b3ef
520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z3yEknYzqJG3oEe-t3nxHYkDXSYGdWkRdbB1V4ixYcJjV5DjxzLzEA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 15:53:10 GMT
age: 50074
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7609 bytes)
Hash
0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EmQGdW6eDQGTNSY5o0bGb7rS5i9FBeV29pEQMPui8P9XOpgZHW8leA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:56:16 GMT
age: 28288
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3175 bytes)
Hash
cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2Qmmv5s2Vpw4nmSpCj3WLX-yy2qKOk30Q_ZeA3C2IqFgjxzm4MMxEA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 04:47:35 GMT
age: 3609
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5704 bytes)
Hash
2d237b386960b3fbbcfdde0d2f0179ca
46c6733ae3f0c01f1ec1f71790d71cac9797fcd2
4a86ff99f57d9dea3d7f2f22a02f54f3e9bfbdfca07722d1a7c3d25a1dc5160c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5704
x-amzn-requestid: 7b87f011-2d7b-41fc-9897-358e5d1a3e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cc4a2FrvIAMF5tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63883aab-32ed5f3631606c622938642e;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 05:24:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yeauf5fYorNWQgdcsLswhkdLfT_cs5GJcl1dcNRs6zMpTLoN0UWEjA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 04:40:30 GMT
age: 4034
etag: "46c6733ae3f0c01f1ec1f71790d71cac9797fcd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 16:47:32 GMT
age: 46812
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/img/cf/Chile.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Chile.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1443 bytes)
Hash
1cec2276b9f4cddfe87347004015d35f
2f4c99b50669a6d0012425c2c3a4da81e4ecb53f
94a8fe1f7fb27095d3d5c8dfeec71812129cb3ab68ec52f3d51247bff7dc2c3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Chile.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you; _pk_id.1.166e=e87808a9b23acb5b.1670392064.; _pk_ses.1.166e=1; HstCfa4515739=1670392063651; HstCla4515739=1670392063651; HstCmu4515739=1670392063651; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=65377; timePosted22Cookie=53226; timePosted33Cookie=13617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:45 GMT
Content-Type: image/png
Content-Length: 1443
Last-Modified: Fri, 03 Sep 2021 06:32:11 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c16b-5a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Switzerland.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Switzerland.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
76cb6d0761701d9d630eb74fc964c0ea
36bcc2c7bf42df8e2fce90c39dd4f7b441a5e0e9
29da57527cc689666b1389f9f1895ee169ebb28e50d1254c446b4a4841d4dd0c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Switzerland.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you; _pk_id.1.166e=e87808a9b23acb5b.1670392064.; _pk_ses.1.166e=1; HstCfa4515739=1670392063651; HstCla4515739=1670392063651; HstCmu4515739=1670392063651; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=68377; timePosted22Cookie=56226; timePosted33Cookie=16617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:48 GMT
Content-Type: image/png
Content-Length: 1321
Last-Modified: Fri, 03 Sep 2021 06:33:05 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1a1-529"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Mexico.png

91.223.82.61

200 OK

1.6 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Mexico.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1592 bytes)
Hash
43a01bb0fa7bd2e9d7fb4172be185309
905937df57b2f8338d0a8a85bb2b2c1f59dd893e
af07db117e64c6e296b92155defd6ba8947da0198c7692df077f566eb008b710

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Mexico.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you; _pk_id.1.166e=e87808a9b23acb5b.1670392064.; _pk_ses.1.166e=1; HstCfa4515739=1670392063651; HstCla4515739=1670392063651; HstCmu4515739=1670392063651; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=69377; timePosted22Cookie=57226; timePosted33Cookie=17617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:49 GMT
Content-Type: image/png
Content-Length: 1592
Last-Modified: Fri, 03 Sep 2021 06:32:43 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c18b-638"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Belgium.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Belgium.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1191 bytes)
Hash
50f1dd3fcc6c6deb8cede888cef77483
0150f39623d23cbfd1c8c1a32d0412f085197188
597e0bb386082e16e198e375a47f3f0813a3fe264bbcc796fbf6047153631063

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Belgium.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-free-clothes-hack-2021-game-hack
Cookie: username1Cookie=Marilena; username2Cookie=Sam; username3Cookie=Ermes; comment1Cookie=wow amazing job admin… thank you for sharing   1000000  Cash. c: this website is giving some real stuff; comment2Cookie=this generator is incredible! thank you so much.; comment3Cookie=that was amazing!!! thanks a lot for this. .. works! FREAKING AAMZING!!  1000000  Cash.. thank you; _pk_id.1.166e=e87808a9b23acb5b.1670392064.; _pk_ses.1.166e=1; HstCfa4515739=1670392063651; HstCla4515739=1670392063651; HstCmu4515739=1670392063651; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=70377; timePosted22Cookie=58226; timePosted33Cookie=18617
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 05:47:50 GMT
Content-Type: image/png
Content-Length: 1191
Last-Modified: Fri, 03 Sep 2021 06:32:04 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c164-4a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 05:47:43 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+270; expires=Fri, 06-Dec-2024 05:47:43 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations