Report - gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack

Report Overview

Submitted URL
gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
IP
91.223.82.61
ASN
#199968 Iws Networks LLC
Submitted
2022-12-11 13:59:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	1.2 kB	192.0.77.2
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	4.6 kB	142.250.74.170
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	636 B	183 B	149.56.240.131
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	29 kB	216.58.211.14
downloadlocked.com	127304	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	1.3 kB	23.22.126.183
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.7 kB	23.36.76.226
is3-ssl.mzstatic.com	1658	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	540 B	13 kB	23.38.200.24
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	46 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	37 kB	34.120.237.76
gaminghelper.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	269 kB	91.223.82.61
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	2.8 kB	142.250.74.106
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	7.7 kB	188.114.99.234
track.enigmacdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	91.223.82.61
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	4.7 kB	46.105.201.240
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.228.207.167
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	53 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	Tencent

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-11	medium	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	Phishing
2022-12-11	medium	gaminghelper.co/js/jquery.countTo.js	Phishing
2022-12-11	medium	gaminghelper.co/js/fancySelect.js	Phishing
2022-12-11	medium	gaminghelper.co/js/sweetalert2.min.js	Phishing
2022-12-11	medium	gaminghelper.co/js/validator.min.js	Phishing
2022-12-11	medium	gaminghelper.co/js/form-scripts.js	Phishing
2022-12-11	medium	gaminghelper.co/js/com.js	Phishing
2022-12-11	medium	gaminghelper.co/js/jquery.magnific-popup.min.js	Phishing
2022-12-11	medium	gaminghelper.co/js/sticky.js	Phishing
2022-12-11	medium	gaminghelper.co/js/main.js	Phishing
2022-12-11	medium	gaminghelper.co/fonts/bebasneue_bold-webfont.html	Phishing
2022-12-11	medium	gaminghelper.co/fonts/et-line.woff	Phishing
2022-12-11	medium	gaminghelper.co/fonts/bebasneue_regular-webfont.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed
2022-12-11	medium	gaminghelper.co	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	gaminghelper.co/js/validator.min.js	6.1 kB	2023-03-07	2024-04-12
Pretty URL gaminghelper.co/js/validator.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-12 19:45:27 Times Seen915 Hash 81df0465f243a2e7b7b06b8ad6015173 996eb26bb4bdb44ed5257d048cedaf3ed0a6f90c c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1 Loading...

	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	134 B	2023-03-07	2024-04-18
Pretty URL gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 16:44:47 Times Seen300 Hash 75606a24bd728e5d7d7256fbb679bc26 7bfbb31c174ab2a6f4c68c9852c8444c075eab43 9932726d2c87611c904eb0b04d822e785cd73f693838aa2cae3fc90a7d8d7746 Loading...

	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	22 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:25 Last Seen2023-03-17 12:49:45 Times Seen1 Hash 167cb73014160a5576987ae1a5838743 58ac80542931297c0baa684c94a41ab888b95f6b 2f0200265d751b1eb5c0a125589588fc0473607fc5340024abf18f410adae814 Loading...

	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	536 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash e5b8ea1cfa205b2dac9f8a92205f59fa b128ca1db079d2e4c4b781ea52d16677b18a8f0d e511583166051fad920d844a259034a0186bc0287371ac576de4b33dfc1234ee Loading...

	track.enigmacdn.com/matomo.js	62 kB	2023-03-07	2024-03-21
Pretty URL track.enigmacdn.com/matomo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-21 00:53:25 Times Seen62 Hash d11aac5ce224776b3bf4b7f3830b5715 3f839e5521a7c2bb935398532d88ed0db6d7ef82 06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018 Loading...

	gaminghelper.co/js/fancySelect.js	6.8 kB	2023-03-07	2024-01-29
Pretty URL gaminghelper.co/js/fancySelect.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-29 12:40:14 Times Seen59 Hash c74159f77d12d9998d8c173e153b7999 5dd2266cf7eb14f2967be6691b7ff0e393cba733 be013828b8a66ccdbdc65234532cfd4a04a73c7778a42d7b0bf952278846f1a2 Loading...

	gaminghelper.co/js/main.js	41 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/main.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:45 Times Seen1 Hash bede286c34301eb26586b72e75e78b04 9532a06f8a2e823a3e9bf2aad3db9e9ac68fd350 3bcd8ddbc045a523b9ee81867e298a40d75a2a2ecc53d44257f2487c50bbe02c Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-09	2024-02-07
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:43 Last Seen2024-02-07 04:56:00 Times Seen1 Hash 4c6ca2dda516236c7f835c9256e14bac 537d9ae852e557bc3c35a41df28dd5d1957e8d56 b23fca69e861118e88b4d0c951e41714738fec6122dfd68c5730a385fec8a3eb Loading...

	downloadlocked.com/cl/js/114v1	2.8 kB	2023-03-07	2023-03-17
Pretty URL downloadlocked.com/cl/js/114v1 IP 23.22.126.183 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 1f988d013c5e133555235469c0c92616 d8b81b2e5f125680c977a6e296580e55088db6a9 82989a0b0aa7050c358cdac4edcedada2e6f58f02861418bfa375dd92a037f00 Loading...

	gaminghelper.co/js/jquery.countTo.js	3.8 kB	2023-03-07	2024-04-05
Pretty URL gaminghelper.co/js/jquery.countTo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-05 06:37:17 Times Seen457 Hash acad36d38da9f68c52bb074b2c478d0f 922c71c5699f9306a415a7a344be46d92e0fc4a1 00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670767183908&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:154858676&@b3:1670767184&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&@w	51 B	2023-03-09	2023-03-09
Pretty URL s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670767183908&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:154858676&@b3:1670767184&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&@w IP 149.56.240.131 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:03:38 Last Seen2023-03-09 03:03:38 Times Seen1 Hash f376e8a4a5615746d348780a6533d201 0d7aac3464ff676f6759344e560777edf92bd5ff e47c7b74b655954cc3a2add72c224af895d85f4cc8de924f5a078ae42240742c Loading...

	gaminghelper.co/js/com.js	18 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/com.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 25da4b390ac3c74f08d94136ab818c4f 9f958878fd1eebaa29814ad9fb2ef2b0e64850ca 7c8c1910127d6819826ff82fadaa97c734c68e7b1dca436ab0e52ada016940cc Loading...

	gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack	424 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 12:49:45 Times Seen1 Hash 78ba106660ccbf94e4396883aae7f529 ae295fb3fbe8c1306d8a3c268429d0360e82218b adf239ecfa137f53ba82a75fe82b26ed11768e184b8904d2f35655749ad5dd22 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	gaminghelper.co/js/sweetalert2.min.js	20 kB	2023-03-07	2024-02-10
Pretty URL gaminghelper.co/js/sweetalert2.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-02-10 04:05:40 Times Seen448 Hash 0ad69b0e70b7da1bb8f8a96e9e6b5d9a 7d21a0c1f43d3edb47dd9e69b05243f3fcb53152 4051f26691def4eafcae32928be110c13d1819e544a12b0a9b95378bfaf9859b Loading...

	gaminghelper.co/js/jquery.magnific-popup.min.js	21 kB	2023-03-07	2024-04-21
Pretty URL gaminghelper.co/js/jquery.magnific-popup.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-21 06:57:07 Times Seen2399 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 18:46:45 Times Seen37023669 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js	84 kB	2023-03-07	2024-04-22
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-22 00:00:59 Times Seen15650 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	gaminghelper.co/js/form-scripts.js	1.5 kB	2023-03-07	2024-01-23
Pretty URL gaminghelper.co/js/form-scripts.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-23 15:52:36 Times Seen12 Hash 1ed21b81ae655c54943ed33ea9109c4a 0aa5bc09f55ef28b87dba9025094ec8b2a9ed8a0 135922615df355461155701925a7534d9e94c0d0433160ffa68c100ed9524e14 Loading...

HTTP Transactions (81)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
483074d8959fb1bb143f028fc3096e2a
52df1b72f1ae5a89b72ae46ab64da98c58f24afb
1837dc72fbc35c634a1194c68668a7a3127f640fec56b7eb746b3d9c26fa9c97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1837DC72FBC35C634A1194C68668A7A3127F640FEC56B7EB746B3D9C26FA9C97"
Last-Modified: Sat, 10 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18812
Expires: Sun, 11 Dec 2022 19:13:16 GMT
Date: Sun, 11 Dec 2022 13:59:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13735
Expires: Sun, 11 Dec 2022 17:48:39 GMT
Date: Sun, 11 Dec 2022 13:59:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Sun, 11 Dec 2022 14:44:03 GMT
Date: Sun, 11 Dec 2022 13:59:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 13:33:33 GMT
content-type: application/json
age: 1571
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sun, 11 Dec 2022 15:32:26 GMT
Date: Sun, 11 Dec 2022 13:59:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uZ/7UQoy9IAc2cZqRNtFRaOaZqwXZ6wAxwhabet/Z/pKsy7kBtYgEA15oVwBfg8FcqEeWgvzdDU=
x-amz-request-id: WV0K0ZBGW4H74SVX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 13:49:13 GMT
age: 631
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20224 bytes)
Hash
522a22adb5a3da271f5349b3706c850c
7197afa445715299f2e645fe080c5e02b53cf643
d61f21e06c8a3e32e1e92451497b3381810032efc48598a0e8c5bcdd4aea5595

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /app/1330123889/pubg-2021-uc-redeem-code-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 13:59:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/css/bootstrap.min.css

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/css/bootstrap.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (65371)
Size
20 kB (19597 bytes)
Hash
3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:43 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/animate.css

91.223.82.61

200 OK

4.0 kB

URL HTTP/1.1
gaminghelper.co/css/animate.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
4.0 kB (4026 bytes)
Hash
48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:43 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Last-Modified: Sun, 11 Dec 2022 13:46:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

gaminghelper.co/css/sweetalert2.min.css

91.223.82.61

200 OK

2.7 kB

URL HTTP/1.1
gaminghelper.co/css/sweetalert2.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (13987), with no line terminators
Size
2.7 kB (2737 bytes)
Hash
1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/jquery.countTo.js

91.223.82.61

200 OK

1.1 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.countTo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.1 kB (1125 bytes)
Hash
547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/magnific-popup.css

91.223.82.61

200 OK

2.0 kB

URL HTTP/1.1
gaminghelper.co/css/magnific-popup.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
2.0 kB (1994 bytes)
Hash
c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/fancySelect.css

91.223.82.61

200 OK

1.0 kB

URL HTTP/1.1
gaminghelper.co/css/fancySelect.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.0 kB (1023 bytes)
Hash
458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/style.css

91.223.82.61

200 OK

8.5 kB

URL HTTP/1.1
gaminghelper.co/css/style.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1512)
Size
8.5 kB (8520 bytes)
Hash
4d36bdeba8bb00f4ee280771fddfa689
8dfbed7251f5bb010d5fe8f64e0d60abc3e9fd54
08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-bd7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/fancySelect.js

91.223.82.61

200 OK

1.7 kB

URL HTTP/1.1
gaminghelper.co/js/fancySelect.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.7 kB (1661 bytes)
Hash
a60791b5b353371813114e815d946494
69d1f371b0ed899641e640b2649c0914302812bd
5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/fancySelect.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-1a7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sweetalert2.min.js

91.223.82.61

200 OK

6.5 kB

URL HTTP/1.1
gaminghelper.co/js/sweetalert2.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (20305), with no line terminators
Size
6.5 kB (6538 bytes)
Hash
b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/validator.min.js

91.223.82.61

200 OK

2.1 kB

URL HTTP/1.1
gaminghelper.co/js/validator.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (5862)
Size
2.1 kB (2094 bytes)
Hash
1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/form-scripts.js

91.223.82.61

200 OK

609 B

URL HTTP/1.1
gaminghelper.co/js/form-scripts.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
609 B (609 bytes)
Hash
4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/com.js

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/js/com.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
C source, Unicode text, UTF-8 text, with very long lines (2456)
Size
3.3 kB (3265 bytes)
Hash
ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/jquery.magnific-popup.min.js

91.223.82.61

200 OK

7.7 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.magnific-popup.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (21014)
Size
7.7 kB (7685 bytes)
Hash
12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sticky.js

91.223.82.61

200 OK

0 B

URL HTTP/1.1
gaminghelper.co/js/sticky.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7064f6619ec94ac742915441ddf9be63
07864ef6316dfb3bfd38d602d2c38d237da8e61e
501f0b2261360de41668fde33f0518321c9335d5e1eab0f4a1014f75e061cca1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Last-Modified: Sun, 11 Dec 2022 13:46:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

gaminghelper.co/js/main.js

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/js/main.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (16162)
Size
15 kB (15195 bytes)
Hash
562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
05c9eb83bd7efc4e9dbe95f60cb45caf
30608c1d8d5fcf3178eaf62118dbc277e0335a88
1dd03d4e49eea1c1fefd81854ac0251e9b2ed2bb07f411c58bd4fff07acf7eb2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DD03D4E49EEA1C1FEFD81854AC0251E9B2ED2BB07F411C58BD4FFF07ACF7EB2"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6407
Expires: Sun, 11 Dec 2022 15:46:31 GMT
Date: Sun, 11 Dec 2022 13:59:44 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js

142.250.74.106

200 OK

52 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
52 kB (51711 bytes)
Hash
d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37

HTTP Headers

GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 04:05:42 GMT
expires: Tue, 05 Dec 2023 04:05:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 554042
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7064f6619ec94ac742915441ddf9be63
07864ef6316dfb3bfd38d602d2c38d237da8e61e
501f0b2261360de41668fde33f0518321c9335d5e1eab0f4a1014f75e061cca1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ed7907a166fd6c7a92dccb86a3c9a139
dc441721ffda9224db17cdbdc1c262d21adb93fb
32d16e08caf65d54d2f9aa01191ef9d4b2c56a8f3ab3a9b9d42c3691d5b6a1f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5568
Cache-Control: max-age=101799
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:44 GMT
Etag: "6394b737-1d7"
Expires: Mon, 12 Dec 2022 18:16:23 GMT
Last-Modified: Sat, 10 Dec 2022 16:43:35 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

is3-ssl.mzstatic.com/image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg

23.38.200.24

200 OK

12 kB

URL HTTP/2
is3-ssl.mzstatic.com/image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg
IP
23.38.200.24:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Size
12 kB (12072 bytes)
Hash
d04e1a439a4c608e95c7c7abbef2d2d9
696197deeceb113114269ca683f61c4112af3656
8ec6e2a4f85bd90fc1262f28db4c81378afe66d2209987f3f2e42654e88e94bd

HTTP Headers

GET /image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg HTTP/1.1
Host: is3-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12072
x-apple-jingle-correlation-key: BJQQ6546FAR5DTAKRUS33NWOPA
x-apple-request-uuid: 0a610f77-9e28-23d1-cc0a-8d25bdb6ce78
b3: 0a610f779e2823d1cc0a8d25bdb6ce78-f21dfc07c65d9cf4
x-b3-spanid: f21dfc07c65d9cf4
x-b3-parentspanid: 1dfa0c1cbc2b69a8
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 17 Nov 2022 01:47:12 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY4NjQ5NjMyNDA2LGlzQnVpbGRWZXJzaW9uTm90U2V0LDc2YWFjMGYwLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
x-b3-traceid: 81236f67caff38d6
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE148:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 554c5fe5-493d-428f-a3fb-c9289cbb2515-4533346289
cache-control: no-transform, max-age=13257661
date: Sun, 11 Dec 2022 13:59:44 GMT
x-cache: TCP_MEM_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
X-Firefox-Spdy: h2

gaminghelper.co/img/coins2.png

91.223.82.61

200 OK

2.1 kB

URL HTTP/1.1
gaminghelper.co/img/coins2.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 31 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2061 bytes)
Hash
de49d679ea1686fa64881f10c0062904
b807f2d9ebb16f59714747732cdcd6944f43c8fe
be338b834d7a7c5b29dbe49c41f50dd84c58f29f651834f46cce86c0fb74ef40

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/coins2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 2061
Last-Modified: Fri, 03 Sep 2021 06:31:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c134-80d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/nbacash2.png

91.223.82.61

200 OK

2.3 kB

URL HTTP/1.1
gaminghelper.co/img/nbacash2.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2338 bytes)
Hash
65716506074de00f1059977305013999
6cfae93ba1f8691d07a629a76d12c78173155b46
55fd8d4b5137df77e5c67c4d83ec123a8db2887cf3b58229e07b45568e091829

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/nbacash2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 2338
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-922"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/main-bg.jpg

91.223.82.61

200 OK

9.4 kB

URL HTTP/1.1
gaminghelper.co/img/main-bg.jpg
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
9.4 kB (9365 bytes)
Hash
d93b1723b2a2723d48696c5a6cae3b7e
6f69bdc7079dd114f6fc816c5098f80b58c7b794
efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/main-bg.jpg HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c143-2495"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

i0.wp.com/enigmanetwork.net/dmca.png

192.0.77.2

200 OK

668 B

URL HTTP/2
i0.wp.com/enigmanetwork.net/dmca.png
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
668 B (668 bytes)
Hash
fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f

HTTP Headers

GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 13:59:44 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

gaminghelper.co/img/pr-r.png

91.223.82.61

200 OK

11 kB

URL HTTP/1.1
gaminghelper.co/img/pr-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11003 bytes)
Hash
284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/pr-l.png

91.223.82.61

200 OK

7.5 kB

URL HTTP/1.1
gaminghelper.co/img/pr-l.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
7.5 kB (7453 bytes)
Hash
91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans:300,400,700

142.250.74.106

200 OK

2.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
2.1 kB (2089 bytes)
Hash
537d808153490cf938474e4f9c98b070
5e6ebae85f9c97f7202aad41d8186df59f64c257
256ad8cdef4c69d4fa9fd8b092f72c5e161255ba283b060d7dac1d8beec5dc29

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Dec 2022 13:59:44 GMT
date: Sun, 11 Dec 2022 13:59:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/img/panel-overlay.png

91.223.82.61

200 OK

3.1 kB

URL HTTP/1.1
gaminghelper.co/img/panel-overlay.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Size
3.1 kB (3116 bytes)
Hash
2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg-r.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1393 bytes)
Hash
bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

188.114.99.234

200 OK

6.8 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
188.114.99.234:0
ASN
#0

File type
ASCII text, with very long lines (27303)
Size
6.8 kB (6839 bytes)
Hash
567cfe01ece2fd12dbfa121a2c4dd82c
40bebdc6bb238a42ec0391d7e0da7715b630195e
3579b0959999dba0a88e7d6989dbdb94de59a726908003ed76f628e7c016d2b6

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Dec 2022 13:59:44 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 16211432
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 777ebe1839cbb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 13:33:16 GMT
age: 1589
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/img/btn-img.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/btn-img.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/bebasneue_bold-webfont.html

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Size
15 kB (15216 bytes)
Hash
772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/et-line.woff

91.223.82.61

200 OK

55 kB

URL HTTP/1.1
gaminghelper.co/fonts/et-line.woff
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format, CFF, length 55220, version 1.0\012- data
Size
55 kB (55220 bytes)
Hash
b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/et-line.woff HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: font/woff
Content-Length: 55220
Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c120-d7b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 500824
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/fonts/bebasneue_regular-webfont.html

91.223.82.61

200 OK

16 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Size
16 kB (15948 bytes)
Hash
af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.170

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 13:59:44 GMT
expires: Sun, 11 Dec 2022 14:59:44 GMT
cache-control: public, max-age=3600
age: 1
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/img/cf/Grecee.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Grecee.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1257 bytes)
Hash
d19290ba3158e138bb241ae669a3bc37
f9c89926e6d6b741ab9662f5a559c79a7d5e8304
54fc9fef0da8843d76e1dbd2a0e523200d54a74b649f2ae18aa132a29e590f56

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Grecee.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 1257
Last-Modified: Fri, 03 Sep 2021 06:32:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c178-4e9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/close.png

91.223.82.61

200 OK

4.9 kB

URL HTTP/1.1
gaminghelper.co/close.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4878 bytes)
Hash
fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7749c0bf35d294edac7f11a31cafcc87
d11025891bdafd7b298d6f7945da798efeb0d66a
96b6e945d16e40268dac987dcdd30c6f8c3fb5c368a5172c4aae2798dc75716b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96B6E945D16E40268DAC987DCDD30C6F8C3FB5C368A5172C4AAE2798DC75716B"
Last-Modified: Sat, 10 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18812
Expires: Sun, 11 Dec 2022 19:13:17 GMT
Date: Sun, 11 Dec 2022 13:59:45 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1629
Cache-Control: max-age=156860
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 13:59:45 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:34:05 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

track.enigmacdn.com/matomo.js

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
track.enigmacdn.com/matomo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1404)
Size
20 kB (20210 bytes)
Hash
8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881

HTTP Headers

GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/app/1330123889/img/favicon-16x16.png

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/1330123889/img/favicon-16x16.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20224 bytes)
Hash
522a22adb5a3da271f5349b3706c850c
7197afa445715299f2e645fe080c5e02b53cf643
d61f21e06c8a3e32e1e92451497b3381810032efc48598a0e8c5bcdd4aea5595

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /app/1330123889/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2da865741e6e2a09b5698eae1cdb3ff
40911ac1e9efb14d6f007fc3f286740ed58974a3
a35e53b0a234bc0073c60157245bcac2e5f4f0bc0f08c57428b6a7e488e46f97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A35E53B0A234BC0073C60157245BCAC2E5F4F0BC0F08C57428B6A7E488E46F97"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4664
Expires: Sun, 11 Dec 2022 15:17:29 GMT
Date: Sun, 11 Dec 2022 13:59:45 GMT
Connection: keep-alive

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Dec 2022 13:55:10 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 695468188
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lVODKJuhrBzvGKMUeFV8DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: njUcMrtI0ghhdx4inWigaLWpDt0=

s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670767183908&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:154858676&@b3:1670767184&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&@w

149.56.240.131

200 OK

51 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670767183908&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:154858676&@b3:1670767184&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&@w
IP
149.56.240.131:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
f376e8a4a5615746d348780a6533d201
0d7aac3464ff676f6759344e560777edf92bd5ff
e47c7b74b655954cc3a2add72c224af895d85f4cc8de924f5a078ae42240742c

HTTP Headers

GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670767183908&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:154858676&@b3:1670767184&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 13:59:45 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close

track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=865985&h=13&m=59&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&_id=1d53d3721d75c3d1&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=25mMBG&pf_net=365&pf_srv=53&pf_tfr=32&pf_dm1=614

91.223.82.61

204 No Response

0 B

URL HTTP/1.1
track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=865985&h=13&m=59&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&_id=1d53d3721d75c3d1&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=25mMBG&pf_net=365&pf_srv=53&pf_tfr=32&pf_dm1=614
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=865985&h=13&m=59&s=43&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-2021-uc-redeem-code-game-hack&_id=1d53d3721d75c3d1&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=25mMBG&pf_net=365&pf_srv=53&pf_tfr=32&pf_dm1=614 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Response
Server: nginx
Date: Sun, 11 Dec 2022 13:59:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sun, 11 Dec 2022 15:19:42 GMT
Date: Sun, 11 Dec 2022 13:59:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6850 bytes)
Hash
78068ece5c05e5936bfc1eac61c627f8
0c1118eaf153c16f6bcb731767b1237ee72a5541
9b7f84ec789ec853dc463e5839c63d8395e8921cc0599b8b7e694eebb1d22b9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6850
x-amzn-requestid: a7a24880-17cf-4873-9da2-1cdedb1d351b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWC5GsFIAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6a12-186b17d55261c18243dc0302;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:00:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sDsH55clVyWxDLGhhtm54gFyuNmot4rM-vu8Qm3ic4zNjiOpw_fnwA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:54:58 GMT
age: 57888
etag: "0c1118eaf153c16f6bcb731767b1237ee72a5541"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6311 bytes)
Hash
2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:52:26 GMT
age: 58040
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6442de2-4fd8-4da6-915e-0c84574e540c.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9783 bytes)
Hash
911ce18e0af5cc8e260ea1fe52545d36
b275849bb704505af83e87b121c21888948c0926
b7be399d579a8449b4e8472b76f1cf02b576589e9cf0b2991058085df20aaeec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6442de2-4fd8-4da6-915e-0c84574e540c.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9783
x-amzn-requestid: 17fb47d7-c1e1-4a38-902f-02ca87148280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c7VqEGUXIAMFfSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63946973-777ee2d97f140b53639ade83;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 11:11:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P28-O5QdegjUdLR0HfC1E3XtcOxR3XK8RezT6yykfrPmNnPHb3dFMQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 23:06:33 GMT
age: 53593
etag: "b275849bb704505af83e87b121c21888948c0926"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4526 bytes)
Hash
f01260130a9ea66e994137a2ac221122
85e58c55619e2cc855ff9dc5861e70be682bb247
987e83bd21ee86ba8384e5b28ab4e5536fc17c290d2e34f31734358208b246c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 3b956935-0d79-4261-845f-df3684758cd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83HuGTDIAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950564-759a4eec01b8fa2e6ced2fb1;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kLP-F0QfKozesNZrS45FZrA8rKMHThhBZab3ejTy-8tZO4twI-meww==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 13:02:28 GMT
age: 3438
etag: "85e58c55619e2cc855ff9dc5861e70be682bb247"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

28 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type
data
Size
28 kB (27935 bytes)
Hash
2f5890a2cdccc7915dfa7a233dec7944
22c0fb9d241d4d5b31062622cae3b1c377b4dcd8
27abfbc6a0b11b1c2fbb3ebbb8c3a45db4f091085167d4ebb70bc6dfc1757a34

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Dec 2022 13:59:44 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+424; expires=Tue, 10-Dec-2024 13:59:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa890f071-ec5c-4223-9724-f63b2c9a73f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4565 bytes)
Hash
afb336b3180aa4e95a887d41561bf2b6
f26da3ddd126b938bf330e9f1a0f4adfd991fb99
d540eea94d006728d68801a8914490e636fc96ec104fe5bdfa0833aa51e3488f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa890f071-ec5c-4223-9724-f63b2c9a73f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: cf7eba9f-35f6-456e-b4ea-1d667a006291
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZgeHeuIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2cf-58c886a627064bb4346cbd3f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P-x8SX5tC03rmpXqfIdOXJWc06Jg_Kd7ve955Z0P8eMwct_beLDXOQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 03:14:05 GMT
age: 38741
etag: "f26da3ddd126b938bf330e9f1a0f4adfd991fb99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/img/cf/Czech-Republic.png

91.223.82.61

200 OK

1.7 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Czech-Republic.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1716 bytes)
Hash
a42f43abb39ae89c6d8fc4e32d82c9db
bd6199e8baf1886592d04b85d35e9455e6bb20fd
3fb0821137e44562ed77147e2da4137738c64120a859438baea07c8e71b2da98

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Czech-Republic.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..; _pk_id.1.166e=1d53d3721d75c3d1.1670767184.; _pk_ses.1.166e=1; HstCfa4515739=1670767183908; HstCla4515739=1670767183908; HstCmu4515739=1670767183908; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=136581; timePosted22Cookie=128278; timePosted33Cookie=87121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:47 GMT
Content-Type: image/png
Content-Length: 1716
Last-Modified: Fri, 03 Sep 2021 06:32:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c170-6b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Korea,-South.png

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Korea,-South.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3275 bytes)
Hash
41f0f3705aa596b0f6962ea9399ee6dd
3d4aad8fa66a3efb9caf8be47c4b4377d261ad8c
fa548cf60443c67ada1a3189f294b1192d6cebabbfe9e6c50d9dcae4926a1457

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Korea,-South.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..; _pk_id.1.166e=1d53d3721d75c3d1.1670767184.; _pk_ses.1.166e=1; HstCfa4515739=1670767183908; HstCla4515739=1670767183908; HstCmu4515739=1670767183908; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=139581; timePosted22Cookie=131278; timePosted33Cookie=90121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:49 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Fri, 03 Sep 2021 06:32:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c182-ccb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Saudi-Arabia.png

91.223.82.61

200 OK

3.8 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Saudi-Arabia.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3804 bytes)
Hash
17442b5aeae873f02f4315e68bb9168b
75f7252104d1c0480c6e8389a48dfba3cb2109a6
3a5caead074a7965008d5b701f9c8fb67d5e1b64e27b15fb8172db05504f7f40

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Saudi-Arabia.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..; _pk_id.1.166e=1d53d3721d75c3d1.1670767184.; _pk_ses.1.166e=1; HstCfa4515739=1670767183908; HstCla4515739=1670767183908; HstCmu4515739=1670767183908; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=140581; timePosted22Cookie=132278; timePosted33Cookie=91121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:51 GMT
Content-Type: image/png
Content-Length: 3804
Last-Modified: Fri, 03 Sep 2021 06:32:58 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c19a-edc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Ireland.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Ireland.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1189 bytes)
Hash
21f489acdddaae890450b01936248b9a
c5dabe5b630c36f47d7b92f3160d460e63a75a85
deb5a787ec58672db4328b9233d0217c0f4c063c3dd46dcbc744e3978eb55c73

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Ireland.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-2021-uc-redeem-code-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Ermes; username3Cookie=Calvin; comment1Cookie=thanks . :D; comment2Cookie=i wonder why this wasn’t on the news. this is stunning tool! .. :) this generator is incredible! :D; comment3Cookie=Thanks for this dude… at first i thought this is some shit again.. thanks a lot!   awesome man! you should sell this method.. =3 this website is giving some real stuff ..; _pk_id.1.166e=1d53d3721d75c3d1.1670767184.; _pk_ses.1.166e=1; HstCfa4515739=1670767183908; HstCla4515739=1670767183908; HstCmu4515739=1670767183908; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=141581; timePosted22Cookie=133278; timePosted33Cookie=92121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 13:59:52 GMT
Content-Type: image/png
Content-Length: 1189
Last-Modified: Fri, 03 Sep 2021 06:32:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c17e-4a5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

downloadlocked.com/cl/js/114v1

23.22.126.183

200 OK

0 B

URL HTTP/2
downloadlocked.com/cl/js/114v1
IP
23.22.126.183:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 13:59:44 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Inh6cVgybEZLSEVOR3FyUll3c1gxc3c9PSIsInZhbHVlIjoiQUM2cU5QL1FycE44Y2pEcGVXZ1EvYlRVOTlQVjJpNW9ZQkM0cjlvS3VBeU1TTEJZcDZCY0JNWVZHS0MxNFBtYUNOTFNVMWE3blRoWEQvOXU2Z2JUY3NuZGc2bHlOYmtBLy9HTHY1L2RLZ09uV3Z1UHFkT2pXK25wOTVHUVQzbEwiLCJtYWMiOiI2YWVjNjI4NWM0MTFiOTZlYjA3MjFiNjM5MzRkYzBiMjNiYzdmMzE0YjM1NzM1OTliOGMyMTg0NGIyNjlmN2ViIiwidGFnIjoiIn0%3D; expires=Mon, 12 Dec 2022 09:59:44 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6Im9qckUycjFtbFE0RWZiUHpsVy9vNFE9PSIsInZhbHVlIjoiN2R2Zm1vbnlLeFV5SERpSU41WWd0ZmQwRGgzcERMRGFaRXBpOEltbXNrT1QrMXc0MWNhMlA3MkpHZ29DYlc3TzVEUzNiMnhIcjNqbmhsMG9EQi80QlFFb3c4MFZ5UDZFbGpWcWlYMVpMRTFBSUVrTHZ2STZSS3Z6Sll5VU1qajUiLCJtYWMiOiJhZDQ2NmU1YTQwMDU0MWIzNDE2ZmJhZDVjY2NiY2Q3ODRlZWYwYTk0ZDM5N2I5MzJmNGJjOTMzOTZmYTlhMDcwIiwidGFnIjoiIn0%3D; expires=Mon, 12 Dec 2022 09:59:44 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations