netcdn.xyz/app/1330123889/pubg-uc-price-in-nepal-game-hack
301 Moved Permanently 279 B URL HTTP/1.1 netcdn.xyz/app/1330123889/pubg-uc-price-in-nepal-game-hack
IP
ASN #199968 Iws Networks LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0e3337e233e46cdb541b74bbd72083ff
581be4ba407b9727c296e03912b615b83e4daa83
5f45bddaec4e648e956c2653f653611714cc787fd3acc7032f38de57cd31ff7f
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /app/1330123889/pubg-uc-price-in-nepal-game-hack HTTP/1.1
Host: netcdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9285
Expires: Fri, 11 Nov 2022 02:14:49 GMT
Date: Thu, 10 Nov 2022 23:40:04 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4074
Cache-Control: max-age=129537
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:04 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:39:01 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 22:43:53 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3371
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10905
Expires: Fri, 11 Nov 2022 02:41:49 GMT
Date: Thu, 10 Nov 2022 23:40:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gBLyklBA3MgQUxFa1BWdfEWkdjOqx7KAxn/W+vNbAC4qMMHrA8Z0xIqox848XPoI7fgjDV1k64Y=
x-amz-request-id: 4DHPCR0T8PZ209F7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 23:12:20 GMT
age: 1664
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 41e4b339991dcd150c582a204ea51c70
97f578349e52c51c2e45986fa3541986ca42dfec
8a02eefaedaa6784a22ef497037f0378092f75e02138f01ca03aed920642f5f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A02EEFAEDAA6784A22EF497037F0378092F75E02138F01CA03AED920642F5F4"
Last-Modified: Tue, 08 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21459
Expires: Fri, 11 Nov 2022 05:37:43 GMT
Date: Thu, 10 Nov 2022 23:40:04 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 23:40:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
200 OK 20 kB URL HTTP/1.1 gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
IP
ASN #199968 Iws Networks LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Hash 6badc4c63f9b478346c74b39b7c74d78
c85203277f553d9cee4051c9c59c8a98a36361a6
722e936d8f7305ec906db56a74fc6398d239fd720d01ca547b294d3b83781306
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /app/1330123889/pubg-uc-price-in-nepal-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip
gaminghelper.co/css/bootstrap.min.css
200 OK 20 kB URL HTTP/1.1 gaminghelper.co/css/bootstrap.min.css
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (65371)
Hash 3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6
GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/fancySelect.css
200 OK 1.0 kB URL HTTP/1.1 gaminghelper.co/css/fancySelect.css
IP
ASN #199968 Iws Networks LLC
Hash 458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2
GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/animate.css
200 OK 4.0 kB URL HTTP/1.1 gaminghelper.co/css/animate.css
IP
ASN #199968 Iws Networks LLC
Hash 48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741
GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/sweetalert2.min.css
200 OK 2.7 kB URL HTTP/1.1 gaminghelper.co/css/sweetalert2.min.css
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (13987), with no line terminators
Hash 1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d
GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/magnific-popup.css
200 OK 2.0 kB URL HTTP/1.1 gaminghelper.co/css/magnific-popup.css
IP
ASN #199968 Iws Networks LLC
Hash c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf
GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/jquery.countTo.js
200 OK 1.1 kB URL HTTP/1.1 gaminghelper.co/js/jquery.countTo.js
IP
ASN #199968 Iws Networks LLC
Hash 547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/fancySelect.js
200 OK 1.7 kB URL HTTP/1.1 gaminghelper.co/js/fancySelect.js
IP
ASN #199968 Iws Networks LLC
Hash a60791b5b353371813114e815d946494
69d1f371b0ed899641e640b2649c0914302812bd
5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0
Analyzer Verdict Alert fortinet Phishing
GET /js/fancySelect.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-1a7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/style.css
200 OK 8.5 kB URL HTTP/1.1 gaminghelper.co/css/style.css
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (1512)
Hash 4d36bdeba8bb00f4ee280771fddfa689
8dfbed7251f5bb010d5fe8f64e0d60abc3e9fd54
08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8
GET /css/style.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-bd7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/sweetalert2.min.js
200 OK 6.5 kB URL HTTP/1.1 gaminghelper.co/js/sweetalert2.min.js
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (20305), with no line terminators
Hash b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080
Analyzer Verdict Alert fortinet Phishing
GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/validator.min.js
200 OK 2.1 kB URL HTTP/1.1 gaminghelper.co/js/validator.min.js
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (5862)
Hash 1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667
Analyzer Verdict Alert fortinet Phishing
GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/com.js
200 OK 3.3 kB URL HTTP/1.1 gaminghelper.co/js/com.js
IP
ASN #199968 Iws Networks LLC
File type C source, Unicode text, UTF-8 text, with very long lines (2456)
Hash ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720
Analyzer Verdict Alert fortinet Phishing
GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash d077cd24b15efb2762287fc616bb7cd2
c4ecf2280d03b50dfc1527377136607ccb543fd8
2520aac9a4b84d84b652ad52801ed88a509dd5ec2bf049d86a6a5ad652b06424
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2628
Cache-Control: max-age=115507
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Etag: "636ca1c4-117"
Expires: Sat, 12 Nov 2022 07:45:12 GMT
Last-Modified: Thu, 10 Nov 2022 07:01:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
gaminghelper.co/js/form-scripts.js
200 OK 609 B URL HTTP/1.1 gaminghelper.co/js/form-scripts.js
IP
ASN #199968 Iws Networks LLC
Hash 4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c
Analyzer Verdict Alert fortinet Phishing
GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/sticky.js
200 OK 0 B URL HTTP/1.1 gaminghelper.co/js/sticky.js
IP
ASN #199968 Iws Networks LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/js/jquery.magnific-popup.min.js
200 OK 7.7 kB URL HTTP/1.1 gaminghelper.co/js/jquery.magnific-popup.min.js
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (21014)
Hash 12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/js/main.js
200 OK 15 kB URL HTTP/1.1 gaminghelper.co/js/main.js
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (16162)
Hash 562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
200 OK 52 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP
File type ASCII text, with very long lines (563)
Hash d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37
GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 15:51:33 GMT
expires: Wed, 08 Nov 2023 15:51:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 200912
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d077cd24b15efb2762287fc616bb7cd2
c4ecf2280d03b50dfc1527377136607ccb543fd8
2520aac9a4b84d84b652ad52801ed88a509dd5ec2bf049d86a6a5ad652b06424
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2628
Cache-Control: max-age=115507
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Etag: "636ca1c4-117"
Expires: Sat, 12 Nov 2022 07:45:12 GMT
Last-Modified: Thu, 10 Nov 2022 07:01:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 08:31:51 GMT
expires: Fri, 10 Nov 2023 08:31:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 54494
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 10 Nov 2022 23:24:57 GMT
cache-control: public,max-age=3600
age: 908
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0fb17c5b5daca07fff7fcff446bef6f3
91ce4c9d7cc3bee32ee345399380a422a6c93abc
33adfcd17861ddbff6f8f258823214aa82d34697959fc46598a3b2a7c2953ab1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/img/coins2.png
200 OK 2.1 kB URL HTTP/1.1 gaminghelper.co/img/coins2.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 31 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash de49d679ea1686fa64881f10c0062904
b807f2d9ebb16f59714747732cdcd6944f43c8fe
be338b834d7a7c5b29dbe49c41f50dd84c58f29f651834f46cce86c0fb74ef40
GET /img/coins2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 2061
Last-Modified: Fri, 03 Sep 2021 06:31:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c134-80d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/nbacash2.png
200 OK 2.3 kB URL HTTP/1.1 gaminghelper.co/img/nbacash2.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 65716506074de00f1059977305013999
6cfae93ba1f8691d07a629a76d12c78173155b46
55fd8d4b5137df77e5c67c4d83ec123a8db2887cf3b58229e07b45568e091829
GET /img/nbacash2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 2338
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-922"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash a3b272d2ca72464fb2229e161db81c43
67991c72a9838102ce8caa7f7dca932674e8e581
5a473fda3edf3579ae1012993fecd544132166b91dc3a6ff5f9bf11dbecb2383
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4517
Cache-Control: max-age=152315
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Etag: "636d2a2b-1d7"
Expires: Sat, 12 Nov 2022 17:58:40 GMT
Last-Modified: Thu, 10 Nov 2022 16:43:23 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
i0.wp.com/enigmanetwork.net/dmca.png
200 OK 668 B URL HTTP/2 i0.wp.com/enigmanetwork.net/dmca.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f
GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 23:40:05 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
gaminghelper.co/img/main-bg.jpg
200 OK 9.4 kB URL HTTP/1.1 gaminghelper.co/img/main-bg.jpg
IP
ASN #199968 Iws Networks LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash d93b1723b2a2723d48696c5a6cae3b7e
6f69bdc7079dd114f6fc816c5098f80b58c7b794
efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6
GET /img/main-bg.jpg HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c143-2495"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
is1-ssl.mzstatic.com/image/thumb/Purple122/v4/37/ed/b1/37edb116-ab98-4ed9-b8f5-5deb110b2edb/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg
200 OK 12 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Purple122/v4/37/ed/b1/37edb116-ab98-4ed9-b8f5-5deb110b2edb/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Hash 39a462c7690d363c27ff807422120dbc
52b2214553272cbe82723133d7d601d4bfb2f995
68d0fd308bd63a6d4df22d371e55507187364ad3aa2d7c38cfa35ababd9dbdb9
GET /image/thumb/Purple122/v4/37/ed/b1/37edb116-ab98-4ed9-b8f5-5deb110b2edb/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12072
x-apple-jingle-correlation-key: LIPGIAIM5ERVRKLZLABCSPSBQU
x-apple-request-uuid: 5a1e6401-0ce9-2358-a979-5802293e4185
b3: 5a1e64010ce92358a9795802293e4185-b582ad4952971f1f
x-b3-traceid: 5a1e64010ce92358a9795802293e4185
x-b3-spanid: b582ad4952971f1f
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 15 Sep 2022 01:47:40 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYzMjA2NDYwMzEzLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMjgxLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22HOTFIX7:daiquiri-amp-processing-shared-int-001-st
cdnuuid: a838ff77-07af-4e7f-b45e-e62ca45dc252-1020179147
cache-control: no-transform, max-age=12173201
date: Thu, 10 Nov 2022 23:40:05 GMT
x-cache: TCP_MEM_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
X-Firefox-Spdy: h2
gaminghelper.co/img/pr-l.png
200 OK 7.5 kB URL HTTP/1.1 gaminghelper.co/img/pr-l.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d
GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/pr-r.png
200 OK 11 kB URL HTTP/1.1 gaminghelper.co/img/pr-r.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef
GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/button-dot.png
200 OK 672 B URL HTTP/1.1 gaminghelper.co/img/button-dot.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
GET /img/button-dot.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 672
Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c132-2a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/smallbtnbg-r.png
200 OK 1.4 kB URL HTTP/1.1 gaminghelper.co/img/smallbtnbg-r.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Hash bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067
GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/panel-overlay.png
200 OK 3.1 kB URL HTTP/1.1 gaminghelper.co/img/panel-overlay.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/smallbtnbg.png
200 OK 1.4 kB URL HTTP/1.1 gaminghelper.co/img/smallbtnbg.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Hash 92b84c143879abe85792a3408ae4845d
1f8e983f7514d582e81cfee98ad8bb40ced26972
dcf687cc9a059bc7a036faf3a86c50103d04e1fdca867deb7553ec9136719f0d
GET /img/smallbtnbg.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 1405
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-57d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/fonts/bebasneue_bold-webfont.html
200 OK 15 kB URL HTTP/1.1 gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP
ASN #199968 Iws Networks LLC
File type Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Hash 772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830
Analyzer Verdict Alert fortinet Phishing
GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/btn-img.png
200 OK 1.3 kB URL HTTP/1.1 gaminghelper.co/img/btn-img.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Hash 817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae
GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 23:40:05 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 01a7855f8e506f206da6f49f4cf8f10f
cdn-cache: HIT
cf-cache-status: HIT
age: 116
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7682a19629b0b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gaminghelper.co/fonts/bebasneue_regular-webfont.html
200 OK 16 kB URL HTTP/1.1 gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP
ASN #199968 Iws Networks LLC
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Hash af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6
Analyzer Verdict Alert fortinet Phishing
GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
200 OK 61 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (27303)
Hash cd9906ca8e9263306ab311eb5703d808
b89e6c9042c305d627395d64a7cda42e4217d4c0
38b584e6282642b1dc0073f76856423ddbea2585aa8f4e293c5ad48478fb621c
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 23:40:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 13567853
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7682a193a89ab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1020
Cache-Control: max-age=121428
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 09:23:53 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 71 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
Hash 4b788511a1cac516106a860aeb1f9a10
5210645eaf5ee25f78e724b333f78bbb1e5488b9
52e5116f59968287ec9168207eef9ac1863ae344e7b269ec5b5bab15f811fd6f
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Nov 2022 23:40:05 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+961; expires=Sat, 09-Nov-2024 23:40:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a94f3dce57c66c58de72ae52209d2eec
bc88dea31e6b598be3ce869949ea91484bf0410b
12a062e77adb0f17b742f0fca3261de5b5274fc2ba5a1262871d845b9dd91a53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 23:30:30 GMT
expires: Fri, 11 Nov 2022 00:30:30 GMT
cache-control: public, max-age=3600
age: 575
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d945810630d1cd67b4245ef2a26a0c9
71cd7358cc671645029a30166e8159fe926698fc
f0f9c9d5384e2e2631e7891a6e14700a61266c7c99aa15c6b46555111a3d58a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0F9C9D5384E2E2631E7891A6E14700A61266C7C99AA15C6B46555111A3D58A4"
Last-Modified: Tue, 08 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21423
Expires: Fri, 11 Nov 2022 05:37:08 GMT
Date: Thu, 10 Nov 2022 23:40:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/img/cf/Morocco.png
200 OK 1.6 kB URL HTTP/1.1 gaminghelper.co/img/cf/Morocco.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 55771e017c0abf4568575f472c4e0f75
0291717398720cae58861a2b58202d01a9299878
bffc3e0712629d2d5be93efe98a0bea7a0b5db9de81c5ad652378b3a65aa928d
GET /img/cf/Morocco.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 1595
Last-Modified: Fri, 03 Sep 2021 06:32:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c18e-63b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/close.png
200 OK 4.9 kB URL HTTP/1.1 gaminghelper.co/close.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b
GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
track.enigmacdn.com/matomo.js
200 OK 20 kB URL HTTP/1.1 track.enigmacdn.com/matomo.js
IP
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (1404)
Hash 8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881
GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/app/1330123889/img/favicon-16x16.png
200 OK 20 kB URL HTTP/1.1 gaminghelper.co/app/1330123889/img/favicon-16x16.png
IP
ASN #199968 Iws Networks LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Hash 6badc4c63f9b478346c74b39b7c74d78
c85203277f553d9cee4051c9c59c8a98a36361a6
722e936d8f7305ec906db56a74fc6398d239fd720d01ca547b294d3b83781306
GET /app/1330123889/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9632b8cb424bc816bd4bd67348446909
2b8b74b954cff0d04a68d012dee23d4c50ce3d17
4209c2139b95c2dfd42eec184a0235db66a050581322e4bd2bd1b3f4d06f4504
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4209C2139B95C2DFD42EEC184A0235DB66A050581322E4BD2BD1B3F4D06F4504"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Fri, 11 Nov 2022 00:44:11 GMT
Date: Thu, 10 Nov 2022 23:40:05 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Open+Sans:300,400,700
200 OK 684 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
Hash d96a6e71e483f4756f649d046436de1b
2f76217f52c85a89da5fd277d57f405b9386f7b1
4d374747b71f8584b41621545bb1ab8ae13a857d816ffe31431fd4ef93ad7a98
GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 23:40:05 GMT
date: Thu, 10 Nov 2022 23:40:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 23:33:40 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 832503988
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 15:16:26 GMT
expires: Wed, 08 Nov 2023 15:16:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 203020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:55:17 GMT
expires: Fri, 10 Nov 2023 21:55:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 6289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:58:22 GMT
expires: Fri, 10 Nov 2023 21:58:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 6104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 006bc2d8ab25bb41f907cbf7aae72496
edfa83f56f1c0e75d1785b84b1ac749c4460787e
b31c79d23217ebe327b55bea3133ebf472781ee7101df47de0f87019e182fa0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Thu, 10 Nov 2022 23:40:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 23:40:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1668123601965&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167964589&@b3:1668123602&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&@w
200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1668123601965&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167964589&@b3:1668123602&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&@w
IP
File type ASCII text, with no line terminators
Hash d64603c0b883587c55a8e49f131f0bb8
43400951cd590a3c520b02459c681683687bac9e
331f171e7cfbf3bafb94249a35af54399e358d24dd65b0e817f2fef667966ab5
GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1668123601965&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167964589&@b3:1668123602&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 23:40:06 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=546181&h=23&m=40&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&_id=ab7af89cb4b55f9c&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=fc4kZE&pf_net=131&pf_srv=44&pf_tfr=31&pf_dm1=683
204 No Response 0 B URL HTTP/1.1 track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=546181&h=23&m=40&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&_id=ab7af89cb4b55f9c&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=fc4kZE&pf_net=131&pf_srv=44&pf_tfr=31&pf_dm1=683
IP
ASN #199968 Iws Networks LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=546181&h=23&m=40&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-uc-price-in-nepal-game-hack&_id=ab7af89cb4b55f9c&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=fc4kZE&pf_net=131&pf_srv=44&pf_tfr=31&pf_dm1=683 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Response
Server: nginx
Date: Thu, 10 Nov 2022 23:40:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15248
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 23:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15248
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 23:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15248
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 23:40:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15248
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 23:40:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 383219efe5e891f92d5af6417d84e0c7
0c190d3de24965454874b48dbd7f8a521242ead3
033fb09097d9684f773bc4f14ff26ae6b6d73535200148ca09e24c66a31f1e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 35f96f65-09e5-4adb-8791-b29f9c91d5d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bLk91ED_IAMF3lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6367b525-69f7c0123cfca4387989cd09;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 13:22:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNz9EQvLS-thHpxh52Ap5fm3PKg00btXkrkGOmXc9zSMaqpfYubKHw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 03:21:30 GMT
age: 73117
etag: "0c190d3de24965454874b48dbd7f8a521242ead3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90fb2375-b31d-4383-99b0-d1eb98b6950c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90fb2375-b31d-4383-99b0-d1eb98b6950c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d69309818ae2e0fee77135165b5e634
dcae7a9a9e51458dc08c6d60c6528ea5e686a17d
9f9a0bebef380c7971dd47c6fec71c1a7c48d483165d15b3e012316de267529c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90fb2375-b31d-4383-99b0-d1eb98b6950c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10876
x-amzn-requestid: 28392857-2df7-48c9-990d-bd75c1c9c2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bXSrpH-kIAMF6pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c64b0-47908a656ade0308317372e6;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 02:40:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oZW379FNavGyrKZgoEkYYV5T6GxOhvUiid9U4bzwOxKzC6ociJtjJA==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 06:31:02 GMT
age: 61745
etag: "dcae7a9a9e51458dc08c6d60c6528ea5e686a17d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 09:09:40 GMT
age: 52227
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xSnHWpFlXeyf08gYjPn02H88Hta9fhiDjDOukoKtt6PPVBl_gNTfgw==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 6791
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2981d35cad86d541a040f29d7ba0cd9
9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf
deb765293cb10b3ed1fa1b490c4687770779a1a8b75bcb3b3142fa4debe41d4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7486
x-amzn-requestid: ab900167-5e07-4793-944f-c7da1ab11421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a28jEGIZoAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f7479-3a7691e37995895a746fed83;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:08:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qHaXJa7kgDGttIo35sthDmLtGbcy5YRElho05EOE5MZwUsd4TPNvJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:47:33 GMT
age: 6754
etag: "9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0365609d631ae42c9a141f22466b6928
b46c04b251170e93547d32d874e78b1daaec3504
52d84fdc7b47e64830292eebfedbb6b600f079d5be49209dd870c75a8c239c36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7271
x-amzn-requestid: beeef56d-0be3-43aa-b0a6-abd222cf9131
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUDz7EGfoAMF2XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b19b2-1347ac8966ac6b8f5ca4fa76;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 03:08:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1yRMbqwORggycBsFW4u_ajIUBrX3UYCUv3hvfzEJMmQsH39-2oWZtw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 13:52:48 GMT
age: 35239
etag: "b46c04b251170e93547d32d874e78b1daaec3504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gaminghelper.co/img/cf/Spain.png
200 OK 1.4 kB URL HTTP/1.1 gaminghelper.co/img/cf/Spain.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b4684a24835b94ae1550ab478916e78
c84b6e0ce342ecdd2f789b4f092e2139e859091b
536e878615b908a0a15838096aaaffdadf7c079c73cdee4457bc964001b12428
GET /img/cf/Spain.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!; _pk_id.1.166e=ab7af89cb4b55f9c.1668123602.; _pk_ses.1.166e=1; HstCfa4515739=1668123601965; HstCla4515739=1668123601965; HstCmu4515739=1668123601965; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=173902; timePosted22Cookie=154405; timePosted33Cookie=70849
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:06 GMT
Content-Type: image/png
Content-Length: 1413
Last-Modified: Fri, 03 Sep 2021 06:33:03 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c19f-585"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/cf/Georgia.png
200 OK 1.5 kB URL HTTP/1.1 gaminghelper.co/img/cf/Georgia.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 5eb68f589d8843e14c064340666d5dc9
ed7a4b513439b28fd3680d9a9a290aedb940fd6f
e2ac376415e7796a7a2a6d74ed15ed2c6909e175554aeb2954b36b0c598952fe
GET /img/cf/Georgia.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!; _pk_id.1.166e=ab7af89cb4b55f9c.1668123602.; _pk_ses.1.166e=1; HstCfa4515739=1668123601965; HstCla4515739=1668123601965; HstCmu4515739=1668123601965; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=176902; timePosted22Cookie=157405; timePosted33Cookie=73849
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:09 GMT
Content-Type: image/png
Content-Length: 1473
Last-Modified: Fri, 03 Sep 2021 06:32:23 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c177-5c1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/cf/Japan.png
200 OK 1.5 kB URL HTTP/1.1 gaminghelper.co/img/cf/Japan.png
IP
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash af2377f2029a3632bc294262b9a5cf40
1345b37e2bf15df531667b5a3a4a47f1b7e48041
814727b089f6a00452bf96d0a81e6dfa0937bfe4506bea6de89d579e609b07fe
GET /img/cf/Japan.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-uc-price-in-nepal-game-hack
Cookie: username1Cookie=Andrew; username2Cookie=Adelia Conti; username3Cookie=Calvin; comment1Cookie=wow. this generator is incredible thank you! thanks a lot dude!!!! WORKS like a charm!!! now i dont need to buy Cash! thanks a lot . :D; comment2Cookie=this website is giving some real stuff . thanks . =D; comment3Cookie=Wow!; _pk_id.1.166e=ab7af89cb4b55f9c.1668123602.; _pk_ses.1.166e=1; HstCfa4515739=1668123601965; HstCla4515739=1668123601965; HstCmu4515739=1668123601965; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=177902; timePosted22Cookie=158405; timePosted33Cookie=74849
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 23:40:10 GMT
Content-Type: image/png
Content-Length: 1521
Last-Modified: Fri, 03 Sep 2021 06:32:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c17f-5f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
downloadlocked.com/cl/js/114v1
200 OK 0 B URL HTTP/2 downloadlocked.com/cl/js/114v1
IP
GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 23:40:05 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6IkdCNlFYRjNTK1p2OFpNMzBTTmJQM0E9PSIsInZhbHVlIjoiRWZUZjh0WU1sc0ZZREliRlpTaXRHdE5aTVB6cEVaWmwwa2pianE1WUhta2VoN3FyMy9PYXR6UEdTVDgwQ1NXUHpMSXdLK0lRQjMvekdoZElrTFlxYlFHbFowY2J1TGpBWS9iRmVnYmthZXhMS1h2bnVBZnhrR0pUWFRuaStmYmUiLCJtYWMiOiI5NDI2MjNlYTIyOTMxNzc2MGZjM2M3YmVjNTc3ZTk0MWFhMTczNjRhZGU1MTAxN2QzMDM4ZjkyZjU0ZjZjODE2IiwidGFnIjoiIn0%3D; expires=Fri, 11 Nov 2022 19:40:05 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6IkprZkxpNWpmSVptRHRUUi9QTkpJbkE9PSIsInZhbHVlIjoiQ3dCZ1RCRXlrQVkzMXFwU0VKSFJodGQ0dE4vY2hWK21zTEkwMDNEcmpzeWphbXk4WHVwV3FwUU0wQUJkVjg0dmx6d0ZmL2QyUFlNdXZSWG5MVHV6cCtSUDRNbnk5SEVyNkoxbE9tTGFlYXBQV0M2Q3ExRklCaXJybmptenVhTGwiLCJtYWMiOiI4ZjQ4MTczOGYzNDZkNDQ5NDZkZjc1ODg1ZDExNTdjNGZkZTUxODkxYzMyNDY0MTNlYzM0YjAyYTU3NTIzNzMwIiwidGFnIjoiIn0%3D; expires=Fri, 11 Nov 2022 19:40:05 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2
91.223.82.61
34.160.144.191
104.18.10.207
46.105.201.240
192.99.0.58
23.36.76.226
93.184.220.29