urlquery - report: netcdn.co/app/431946152/1x1x1x1-roblox-id-game-hack

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
s4.histats.com (1)	12782	2012-05-21 17:14:14 UTC	2022-12-06 19:29:43 UTC	149.56.240.131
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-06 17:17:39 UTC	34.160.144.191
ajax.googleapis.com (1)	12905	2012-05-22 10:38:03 UTC	2022-12-07 01:00:33 UTC	142.250.74.74
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-06 17:19:43 UTC	44.240.57.100
translate.googleapis.com (2)	1005	2012-05-31 07:21:21 UTC	2022-12-07 01:01:50 UTC	172.217.21.170
i0.wp.com (1)	3021	2013-09-17 06:14:42 UTC	2022-12-06 17:12:58 UTC	192.0.77.2
fonts.gstatic.com (1)	0	2014-04-02 10:51:04 UTC	2022-12-06 21:54:56 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540
www.gstatic.com (1)	0	2012-05-29 15:36:17 UTC	2022-12-06 23:43:03 UTC	216.58.211.3	Domain (gstatic.com) ranked at: 540
downloadlocked.com (1)	127304	2021-10-06 18:17:41 UTC	2022-12-07 01:42:19 UTC	23.22.126.183
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-06 17:31:54 UTC	34.120.237.76
translate.google.com (1)	1156	2012-05-30 01:30:32 UTC	2022-12-06 17:15:10 UTC	216.58.211.14
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-06 17:12:34 UTC	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-06 17:13:17 UTC	34.117.237.239
is1-ssl.mzstatic.com (1)	1597	2015-02-12 10:39:50 UTC	2022-12-06 22:33:49 UTC	23.38.200.24
fonts.googleapis.com (1)	8877	2012-05-23 12:41:44 UTC	2022-12-06 23:11:27 UTC	142.250.74.74
ocsp.pki.goog (12)	175	2017-06-14 07:23:31 UTC	2022-12-06 17:12:08 UTC	142.250.74.131
track.enigmacdn.com (2)	0	2021-07-17 01:36:30 UTC	2022-12-06 14:10:44 UTC	91.223.82.61	Unknown ranking
s10.histats.com (1)	15211	2012-05-21 17:14:14 UTC	2022-12-06 20:06:48 UTC	46.105.201.240
maxcdn.bootstrapcdn.com (1)	724	2014-06-18 00:37:31 UTC	2022-12-06 23:46:29 UTC	104.18.11.207
netcdn.co (1)	0	2021-06-14 02:08:46 UTC	2022-12-07 04:10:11 UTC	91.223.82.61	Unknown ranking
r3.o.lencr.org (12)	344	2020-12-02 08:52:13 UTC	2022-12-06 17:12:17 UTC	23.33.119.27
gaminghelper.co (32)	0	2021-10-07 04:32:40 UTC	2022-12-07 04:23:01 UTC	91.223.82.61	Unknown ranking
ocsp.digicert.com (4)	86	2012-05-21 07:02:23 UTC	2022-12-06 21:45:35 UTC	93.184.220.29

Scan Date	Severity	Indicator	Comment
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed
2022-12-07	2	gaminghelper.co	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-12-17 09:20:56 +0000	0 - 0 - 50	gaminghelper.co/app/431946152/ninja-assassin- (...)	91.223.82.61
2022-12-17 06:18:11 +0000	0 - 0 - 49	gaminghelper.co/app/431946152/roblox-free-rob (...)	91.223.82.61
2022-12-16 09:03:55 +0000	0 - 0 - 48	gaminghelper.co/app/431946152/how-do-you-get- (...)	91.223.82.61
2022-12-16 08:11:44 +0000	0 - 0 - 48	netcdn.co/app/431946152/roblox-hack-tower-bat (...)	91.223.82.61
2022-12-16 07:12:35 +0000	0 - 0 - 50	gaminghelper.co/app/431946152/roblox-maps-fre (...)	91.223.82.61

Date	UQ / IDS / BL	URL	IP
2023-03-15 00:27:15 +0000	0 - 0 - 12	moviemediaz.com/sk/movie/47094/The%20Genesis% (...)	91.223.82.201
2023-03-08 14:10:43 +0000	0 - 7 - 7	hentaijl.com/hentai/55/yari-agari/episodio-1	185.7.33.56
2023-03-06 10:30:50 +0000	0 - 0 - 8	91.223.82.6/	91.223.82.6
2023-02-27 19:23:01 +0000	0 - 3 - 1	www.newbosspass.xyz/laptop/pt2.exe	91.223.82.124
2023-02-25 13:32:28 +0000	0 - 0 - 1	mgdll.com/Login.php	185.7.33.56

Date	UQ / IDS / BL	URL	IP
2022-12-16 08:11:44 +0000	0 - 0 - 48	netcdn.co/app/431946152/roblox-hack-tower-bat (...)	91.223.82.61
2022-12-16 06:23:00 +0000	0 - 0 - 46	netcdn.co/app/431946152/roblox-ninja-warrior- (...)	91.223.82.61
2022-12-15 14:04:00 +0000	0 - 0 - 46	netcdn.co/app/431946152/buy-free-robux-card-g (...)	91.223.82.61
2022-12-15 09:06:44 +0000	0 - 0 - 48	netcdn.co/app/431946152/how-to-hack-in-roblox (...)	91.223.82.61
2022-12-15 08:47:05 +0000	0 - 0 - 48	netcdn.co/app/431946152/get-800-robux-for-fre (...)	91.223.82.61

Date	UQ / IDS / BL	URL	IP
2022-12-17 09:20:56 +0000	0 - 0 - 50	gaminghelper.co/app/431946152/ninja-assassin- (...)	91.223.82.61
2022-12-17 06:18:11 +0000	0 - 0 - 49	gaminghelper.co/app/431946152/roblox-free-rob (...)	91.223.82.61
2022-12-16 08:11:44 +0000	0 - 0 - 48	netcdn.co/app/431946152/roblox-hack-tower-bat (...)	91.223.82.61
2022-12-16 06:23:00 +0000	0 - 0 - 46	netcdn.co/app/431946152/roblox-ninja-warrior- (...)	91.223.82.61
2022-12-16 06:21:12 +0000	0 - 0 - 50	gaminghelper.co/app/431946152/roblox-login-ch (...)	91.223.82.61

HTTP Transactions (87)

Request	Response
GET /app/431946152/1x1x1x1-roblox-id-game-hack HTTP/1.1 Host: netcdn.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: netcdn.co/app/431946152/1x1x1x1-roblox-id-game-hack FQDN: netcdn.co IP: 91.223.82.61 HASH: 85c71843f26b2e4f2be76a6fc1265e5b6ce413df1418206f1a64e6ea3c001299 91.223.82.61 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Wed, 07 Dec 2022 16:12:32 GMT Content-Length: 273 Connection: keep-alive Keep-Alive: timeout=60 Location: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 273 Md5: 2559f9de58377a99a0afe749568cd772 Sha1: 6d0c5f0720869738a90c22f7ae12bdd7890bbd97 Sha256: 85c71843f26b2e4f2be76a6fc1265e5b6ce413df1418206f1a64e6ea3c001299
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7691 Expires: Wed, 07 Dec 2022 18:20:44 GMT Date: Wed, 07 Dec 2022 16:12:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5ceaca9fd4ad000cb435820812fc69c8 Sha1: 8168397aaf7b572c89a9c83f46c0b65e4ac509f2 Sha256: 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79" Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17824 Expires: Wed, 07 Dec 2022 21:09:37 GMT Date: Wed, 07 Dec 2022 16:12:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2630c6482aef4e822d6634e417f65ab6 Sha1: 6bd1264568eb9647d1665e51521b3bfc15d4df4a Sha256: e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6768 Expires: Wed, 07 Dec 2022 18:05:21 GMT Date: Wed, 07 Dec 2022 16:12:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0abf10fb7e96c1c98dacf2f013a68b4 Sha1: acdd839bce85eadc78a8e821e32e00a958d5c0c8 Sha256: b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 07 Dec 2022 16:08:04 GMT age: 269 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 998zFCwheZmaGk1WzJVhOQfOkJ+lIW5NZCogxGb7+tfPcduEvPQS097e6pq1vYVjMmIkke+XWmM= x-amz-request-id: PFWV6DXVBPC2WJBN content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 07 Dec 2022 15:49:25 GMT age: 1388 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 07 Dec 2022 16:12:33 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 1f5e7a6f60f0d74868be69b00ce49814c4a6087dd081d1d40fa09708bf9062c4 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1F5E7A6F60F0D74868BE69B00CE49814C4A6087DD081D1D40FA09708BF9062C4" Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Wed, 07 Dec 2022 22:12:33 GMT Date: Wed, 07 Dec 2022 16:12:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8a6993735f24c3a251dde80d5f02f0d8 Sha1: 678ebfc798b523dfd09402a3a28cab650eeb3cb8 Sha256: 1f5e7a6f60f0d74868be69b00ce49814c4a6087dd081d1d40fa09708bf9062c4
GET /app/431946152/1x1x1x1-roblox-id-game-hack HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 85135e250f1ecaa08eda5189127f3f588ec1fa2ac1fa5774256f1cddd127b227 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Wed, 07 Dec 2022 16:12:32 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/8.0.8RC1 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923) Size: 20003 Md5: 9718c9b8482d1c30d291668213aff3cc Sha1: 63f8f60e96d82c4a2b6158ab0ce93200ed0cd290 Sha256: 85135e250f1ecaa08eda5189127f3f588ec1fa2ac1fa5774256f1cddd127b227 Alerts: Blocklists: - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 07 Dec 2022 16:07:55 GMT age: 278 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /css/bootstrap.min.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/bootstrap.min.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c104-1d9bb" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (65371) Size: 19597 Md5: 3f142cfc2d7123b31a1e696e0591f27a Sha1: 834192dbadf2713cd2ff89f50d7ec2f1d4782e54 Sha256: 3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6 Alerts: Blocklists: - quad9: Sinkholed
GET /js/fancySelect.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/fancySelect.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b2-1a7a" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1661 Md5: a60791b5b353371813114e815d946494 Sha1: 69d1f371b0ed899641e640b2649c0914302812bd Sha256: 5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 254 Cache-Control: max-age=139988 Date: Wed, 07 Dec 2022 16:12:34 GMT Etag: "63903a48-117" Expires: Fri, 09 Dec 2022 07:05:42 GMT Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 3025b4c51fa49b1cfb04323171de5be1 Sha1: 2e90e313500f8c8614913c7adb2451f11a2e097e Sha256: 4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
GET /css/animate.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/animate.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c104-10cbc" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 4026 Md5: 48bc9b81bca18c06ba937cbb880b4cb3 Sha1: 697313edfad185bcca5c7bde18da4a98f93e3adb Sha256: b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741 Alerts: Blocklists: - quad9: Sinkholed
GET /css/magnific-popup.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/magnific-popup.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c105-1f0a" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1994 Md5: c0275239cb960b014d780d8105b44d72 Sha1: 8db83ac790988232549a3740ecf04fc199da1ce8 Sha256: 211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf Alerts: Blocklists: - quad9: Sinkholed
GET /css/fancySelect.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/fancySelect.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c105-109d" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1023 Md5: 458a1a06f282aa4c457a8b613d6a38e6 Sha1: b524e1cb32722230e18bc85f414b9a10e43a7e2d Sha256: 3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2 Alerts: Blocklists: - quad9: Sinkholed
GET /js/jquery.countTo.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/jquery.countTo.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b3-eb1" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1125 Md5: 547f5246e091d19af521dee35588e468 Sha1: 4772f3c1e62865ccbbab04abd39e69510c8f5843 Sha256: 67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2 Alerts: Blocklists: - quad9: Sinkholed
GET /css/sweetalert2.min.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/sweetalert2.min.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c106-36a3" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (13987), with no line terminators Size: 2737 Md5: 1cfac88a4a8e1bc20b811757fb028b40 Sha1: 10427c064f703342d031411a3310e2a5ef2083bc Sha256: 53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d Alerts: Blocklists: - quad9: Sinkholed
GET /css/style.css HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/css/style.css FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c106-bd7b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (1512) Size: 8520 Md5: 4d36bdeba8bb00f4ee280771fddfa689 Sha1: 8dfbed7251f5bb010d5fe8f64e0d60abc3e9fd54 Sha256: 08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8 Alerts: Blocklists: - quad9: Sinkholed
GET /js/form-scripts.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/form-scripts.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b2-5bd" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 609 Md5: 4fb85eb3b2f0dd8b8f5953c58236da3e Sha1: 1c9f6c7a15a3248147e056672ffbf4fdbaed6718 Sha256: 3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c Alerts: Blocklists: - quad9: Sinkholed
GET /js/sweetalert2.min.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/sweetalert2.min.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b9-4f51" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (20305), with no line terminators Size: 6538 Md5: b238ef007e57c4c8f9447cba68fdb3a2 Sha1: 2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532 Sha256: aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080 Alerts: Blocklists: - quad9: Sinkholed
GET /js/validator.min.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/validator.min.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b9-17a7" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (5862) Size: 2094 Md5: 1ab13fa2eeca5d16de99a1cad839416c Sha1: 0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8 Sha256: 56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667 Alerts: Blocklists: - quad9: Sinkholed
GET /js/com.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/com.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b2-461a" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: C source, Unicode text, UTF-8 text, with very long lines (2456) Size: 3265 Md5: ecf323c878106fa274f5e9f3b3a82437 Sha1: 86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf Sha256: 28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720 Alerts: Blocklists: - quad9: Sinkholed
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
GET /js/jquery.magnific-popup.min.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/jquery.magnific-popup.min.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b6-5297" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (21014) Size: 7685 Md5: 12a9a563724e70a895de0fbd5f7b4ee5 Sha1: a14c616f532deb9ca2d5fa0de6124d47ea60ab57 Sha256: f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079 Alerts: Blocklists: - quad9: Sinkholed
GET /js/sticky.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/sticky.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Content-Length: 0 Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c1b8-0" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /js/main.js HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/js/main.js FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:33 GMT Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"6131c1b7-a08b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (16162) Size: 15195 Md5: 562dc83f2f14b713905fe69a0994e11d Sha1: 43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a Sha256: 745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 624 Cache-Control: max-age=147880 Date: Wed, 07 Dec 2022 16:12:34 GMT Etag: "639057aa-1d7" Expires: Fri, 09 Dec 2022 09:17:14 GMT Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 053aff7451e55d4269dd9610ab070f3f Sha1: b3376256d11d159b0c7280ba1515b78d7d9e12ca Sha256: 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd6dabd083ee1c237c8ea3ba38cc48d5 Sha1: bbe4420bf1c0fe0d5621336865563418d2f16f39 Sha256: c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.74 HASH: 675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421 142.250.74.74 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 29725 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Dec 2022 08:31:51 GMT expires: Fri, 01 Dec 2023 08:31:51 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 546043 last-modified: Tue, 03 Mar 2020 19:15:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32025) Size: 29725 Md5: 83b3b5729cdff3976db52c51831e96b8 Sha1: d23dc823e37f58e5366340be755730f3fa9a850d Sha256: 675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 254 Cache-Control: max-age=139988 Date: Wed, 07 Dec 2022 16:12:34 GMT Etag: "63903a48-117" Expires: Fri, 09 Dec 2022 07:05:42 GMT Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 3025b4c51fa49b1cfb04323171de5be1 Sha1: 2e90e313500f8c8614913c7adb2451f11a2e097e Sha256: 4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd6dabd083ee1c237c8ea3ba38cc48d5 Sha1: bbe4420bf1c0fe0d5621336865563418d2f16f39 Sha256: c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: d0evTMXpB773zPI4vsd03g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.240.57.100 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.240.57.100 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: gZGRAis79kq3+0mbWw36RWPhIsk= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 5f9599db7547e4c6aa45741a8af4f75ebc649d5d264aa6e11864178e44d02b9b 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5F9599DB7547E4C6AA45741A8AF4F75EBC649D5D264AA6E11864178E44D02B9B" Last-Modified: Mon, 05 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2294 Expires: Wed, 07 Dec 2022 16:50:49 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2a968eabc6cee919e075669d87b831b7 Sha1: 893ea41b0a46d2380200c3e10bca9cc160949bfa Sha256: 5f9599db7547e4c6aa45741a8af4f75ebc649d5d264aa6e11864178e44d02b9b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e8312d694cf22c6c03b5d6c2e1e1e9bf5bf15ae72dd4c561cf5b2cc08690cc97 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3089 Cache-Control: 'max-age=158059' Date: Wed, 07 Dec 2022 16:12:35 GMT Last-Modified: Wed, 07 Dec 2022 15:21:06 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e3a84ff69d450f8dbbb876b09c91e3fa Sha1: f0f8be05011a384bc38970a5cd162c9007ab3e2e Sha256: e8312d694cf22c6c03b5d6c2e1e1e9bf5bf15ae72dd4c561cf5b2cc08690cc97
GET /image/thumb/Purple122/v4/e8/15/af/e815af0f-afea-dd2c-5005-19c1f3734487/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg HTTP/1.1 Host: is1-ssl.mzstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: is1-ssl.mzstatic.com/image/thumb/Purple122/v4/e8/15/af/ (...) FQDN: is1-ssl.mzstatic.com IP: 23.38.200.24 HASH: ac4af40769a0017fdb41feb512993d7634175aa928c4a8856480a1123b3d80ff 23.38.200.24 HTTP/2 200 OK content-type: image/jpeg server: daiquiri/3.0.0 content-length: 12213 x-apple-jingle-correlation-key: PZ2JT73L64OZOELVWSSP6IGGAI x-apple-request-uuid: 7e7499ff-6bf7-1d97-1175-b4a4ff20c602 b3: 7e7499ff6bf71d971175b4a4ff20c602-70bac44de94ecda2 x-b3-traceid: 7e7499ff6bf71d971175b4a4ff20c602 x-b3-spanid: 70bac44de94ecda2 apple-seq: 0.0 apple-tk: false apple-originating-system: UnknownOriginatingSystem last-modified: Mon, 05 Dec 2022 17:11:06 GMT etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjcwMjYwMjY2MTc4LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTE1LG5vRWZmZWN0" access-control-allow-origin: * access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified timing-allow-origin: * strict-transport-security: max-age=31536000; includeSubDomains x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE175:daiquiri-amp-processing-shared-int-001-mr cdnuuid: 2418753c-5579-4a18-8eb0-121db17dcc2a-3702702138 cache-control: no-transform, max-age=15825949 date: Wed, 07 Dec 2022 16:12:35 GMT x-cache: TCP_MEM_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-) X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data Size: 12213 Md5: c126eba67cafe0d69ed03a046685691a Sha1: 0c2501825843ae5afdc38de5aa4d6eaf15420242 Sha256: ac4af40769a0017fdb41feb512993d7634175aa928c4a8856480a1123b3d80ff
GET /img/main-bg.jpg HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/main-bg.jpg FQDN: gaminghelper.co IP: 91.223.82.61 HASH: efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 9365 Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c143-2495" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data Size: 9365 Md5: d93b1723b2a2723d48696c5a6cae3b7e Sha1: 6f69bdc7079dd114f6fc816c5098f80b58c7b794 Sha256: efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6 Alerts: Blocklists: - quad9: Sinkholed
GET /enigmanetwork.net/dmca.png HTTP/1.1 Host: i0.wp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: i0.wp.com/enigmanetwork.net/dmca.png FQDN: i0.wp.com IP: 192.0.77.2 HASH: 0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f 192.0.77.2 HTTP/2 200 OK content-type: image/webp server: nginx date: Wed, 07 Dec 2022 16:12:35 GMT content-length: 668 last-modified: Thu, 04 Aug 2022 17:20:08 GMT expires: Sun, 04 Aug 2024 05:20:08 GMT cache-control: public, max-age=63115200 link: <http://enigmanetwork.net/dmca.png>; rel="canonical" x-content-type-options: nosniff etag: "a264775a6858f15f" vary: Accept x-nc: HIT arn 5 access-control-allow-origin: * access-control-allow-methods: GET, HEAD timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 668 Md5: fa302d465f15a34e8264bc761a6902aa Sha1: 2c73911e3cfcf82860d1d59a0ccd2625ae98fffb Sha256: 0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f
GET /img/robux.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/robux.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 44e5a0923e6a0c2157435f215db9d3c2edf95408dfb3d87fa553830f582e24fd 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 14564 Last-Modified: Fri, 03 Sep 2021 06:31:43 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c14f-38e4" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data Size: 14564 Md5: 9c5420a8f8c55be36294fce245595dba Sha1: 4b9a024b51a475b1b7514a7650ff684ec9323572 Sha256: 44e5a0923e6a0c2157435f215db9d3c2edf95408dfb3d87fa553830f582e24fd Alerts: Blocklists: - quad9: Sinkholed
GET /img/panel-overlay.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/panel-overlay.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 3116 Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c146-c2c" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data Size: 3116 Md5: 2b026d93f79b384005e4252c80701791 Sha1: 87804a0d83d2e745b31526c8b60d026abecbe73a Sha256: b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e Alerts: Blocklists: - quad9: Sinkholed
GET /img/pr-r.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/pr-r.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 11003 Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c14d-2afb" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data Size: 11003 Md5: 284e10ee335890399e8f772c430570a9 Sha1: 188bf895905cee7d579aad2b6b5cdf795741f9cd Sha256: e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef Alerts: Blocklists: - quad9: Sinkholed
GET /img/smallbtnbg-r.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/smallbtnbg-r.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 1393 Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c154-571" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data Size: 1393 Md5: bdfffd47e30bf7d045d45f0125a33164 Sha1: 5834aea23f79a1ddccea3825bd51249307435c5f Sha256: 0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067 Alerts: Blocklists: - quad9: Sinkholed
GET /css?family=Open+Sans:300,400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Open+Sans:300,400,700 FQDN: fonts.googleapis.com IP: 142.250.74.74 HASH: 256ad8cdef4c69d4fa9fd8b092f72c5e161255ba283b060d7dac1d8beec5dc29 142.250.74.74 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 07 Dec 2022 16:12:34 GMT date: Wed, 07 Dec 2022 16:12:34 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2089 Md5: 537d808153490cf938474e4f9c98b070 Sha1: 5e6ebae85f9c97f7202aad41d8186df59f64c257 Sha256: 256ad8cdef4c69d4fa9fd8b092f72c5e161255ba283b060d7dac1d8beec5dc29
GET /img/pr-l.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/pr-l.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 7453 Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c14d-1d1d" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data Size: 7453 Md5: 91d0b1f8f5b7685478ff0d1f461fa658 Sha1: 7e457376b687add741a5d6cea2713dc4ef37efbc Sha256: 37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6700 Expires: Wed, 07 Dec 2022 18:04:15 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ab1615b2c8cc26b12fc0cf41734ff07 Sha1: a7d54b3709ce75a20210e20013e6f06b0aa88e2d Sha256: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
GET /img/button-dot.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/button-dot.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:34 GMT Content-Length: 672 Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c132-2a0" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data Size: 672 Md5: 478aefab2e280b16b0372e607414d3c2 Sha1: 710f5aaa706ec23cbf45006d7c1d25be76b4fa64 Sha256: a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc Alerts: Blocklists: - quad9: Sinkholed
GET /img/btn-img.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/btn-img.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 1335 Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c131-537" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data Size: 1335 Md5: 817cb08a965fe5bf8debba11091e94c0 Sha1: 214d58c18bcbcfebd1606554929e9bc5f65755c6 Sha256: e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae Alerts: Blocklists: - quad9: Sinkholed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8438 x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cvlqVGMjoAMFS6w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 21:53:40 GMT age: 65935 etag: "985c6761675e6bcc0186f64d55f94cf09352f05c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8438 Md5: e95ebce9d79ba46cb96af9a45af1762f Sha1: 985c6761675e6bcc0186f64d55f94cf09352f05c Sha256: 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8351 x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cvlitFk9oAMFakQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 21:57:19 GMT etag: "b8eb2e11f9655f19334befc036f21489a6473827" age: 65716 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8351 Md5: 98d2cf29c710d25bd2f03ff216fdd369 Sha1: b8eb2e11f9655f19334befc036f21489a6473827 Sha256: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6557 x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cmcuMG6bIAMFUng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 08:32:51 GMT age: 27584 etag: "08d241e56622cb900754d95bc5d58ed8826d9f32" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6557 Md5: 210b27f5f6310d8fad640acce3d9ae0e Sha1: 08d241e56622cb900754d95bc5d58ed8826d9f32 Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6700 Expires: Wed, 07 Dec 2022 18:04:15 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ab1615b2c8cc26b12fc0cf41734ff07 Sha1: a7d54b3709ce75a20210e20013e6f06b0aa88e2d Sha256: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6700 Expires: Wed, 07 Dec 2022 18:04:15 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ab1615b2c8cc26b12fc0cf41734ff07 Sha1: a7d54b3709ce75a20210e20013e6f06b0aa88e2d Sha256: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6700 Expires: Wed, 07 Dec 2022 18:04:15 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ab1615b2c8cc26b12fc0cf41734ff07 Sha1: a7d54b3709ce75a20210e20013e6f06b0aa88e2d Sha256: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6700 Expires: Wed, 07 Dec 2022 18:04:15 GMT Date: Wed, 07 Dec 2022 16:12:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ab1615b2c8cc26b12fc0cf41734ff07 Sha1: a7d54b3709ce75a20210e20013e6f06b0aa88e2d Sha256: 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 20:49:34 GMT age: 69781 etag: "36082b7329d473829178f280cb71a83b1531e486" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11224 Md5: b15136d60fd0a5e0f657a4f5c75d540f Sha1: 36082b7329d473829178f280cb71a83b1531e486 Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8701 x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cm3-2HRWIAMFjfg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 22:01:53 GMT age: 65442 etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8701 Md5: 604a4132da78a0c013b5818644adb121 Sha1: ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566 Sha256: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ec6ece82a7cb8faa3ba171efae3a9eda Sha1: 7ee75fba9a9d1078960f7834d71961c38f514b82 Sha256: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6846 x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdGx4E-mIAMFatg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 06:31:28 GMT age: 34867 etag: "6d55b299f906908309f91eaf0a720ad65866db04" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6846 Md5: a7ee62c5e846e8ad4808f4724f15146d Sha1: 6d55b299f906908309f91eaf0a720ad65866db04 Sha256: 0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4f48748dc87020a0f1368e6d3bb9a24c Sha1: 4eeade3f02cc6b02390af43bd5e7d67da4a707e0 Sha256: 7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ec6ece82a7cb8faa3ba171efae3a9eda Sha1: 7ee75fba9a9d1078960f7834d71961c38f514b82 Sha256: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://gaminghelper.co Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWb (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 05 Dec 2022 18:52:41 GMT expires: Tue, 05 Dec 2023 18:52:41 GMT cache-control: public, max-age=31536000 age: 163194 last-modified: Mon, 15 Aug 2022 18:20:18 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size: 44856 Md5: 565ce506190ad3af920b40baf1794cec Sha1: ad3cba5d06100e09449a864d3b5e58403b478b3d Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /translate_static/css/translateelement.css HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: translate.googleapis.com/translate_static/css/translate (...) FQDN: translate.googleapis.com IP: 172.217.21.170 HASH: 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0 172.217.21.170 HTTP/2 200 OK content-type: text/css accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 3619 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 16:07:08 GMT expires: Wed, 07 Dec 2022 17:07:08 GMT cache-control: public, max-age=3600 last-modified: Wed, 17 Aug 2022 23:38:00 GMT age: 327 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (18670) Size: 3619 Md5: 897ba9a21d9625286674da769dacc2e2 Sha1: 84b4923ab7dee562395160824d53496314499b77 Sha256: 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /img/cf/Indonesia.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Cookie: username1Cookie=Priscilla; username2Cookie=Eliano Fallaci; username3Cookie=Anacleto; comment1Cookie=thank you admin! works for me!! thanks ! =3; comment2Cookie=thanks for sharing . thanks a lot dude!!!! WORKS like a charm!!! .. c:; comment3Cookie=Wow.. :) that was amazing!!! thanks a lot for this. now i dont need to buy Cash! thanks a lot ! c: thanks for sharing .. many thanks! Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/cf/Indonesia.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 47d80373c50c7ebb8f938597b0e6a69dde14575270bf3667d5681a11fdea75f0 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 1181 Last-Modified: Fri, 03 Sep 2021 06:32:29 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c17d-49d" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 1181 Md5: c1bd29515ef87d52d8cedc77783563e2 Sha1: afe216e4eea16e660127ed4ada74f1237b2b0a54 Sha256: 47d80373c50c7ebb8f938597b0e6a69dde14575270bf3667d5681a11fdea75f0 Alerts: Blocklists: - quad9: Sinkholed
GET /close.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Cookie: username1Cookie=Priscilla; username2Cookie=Eliano Fallaci; username3Cookie=Anacleto; comment1Cookie=thank you admin! works for me!! thanks ! =3; comment2Cookie=thanks for sharing . thanks a lot dude!!!! WORKS like a charm!!! .. c:; comment3Cookie=Wow.. :) that was amazing!!! thanks a lot for this. now i dont need to buy Cash! thanks a lot ! c: thanks for sharing .. many thanks! Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/close.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 4878 Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c0fd-130e" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data Size: 4878 Md5: fb5d414fccc35f19fde0f30a8c98139b Sha1: 4b4a030923039e56efdad2c2d97f0a74d2c74657 Sha256: a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b Alerts: Blocklists: - quad9: Sinkholed
GET /fonts/bebasneue_regular-webfont.html HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/fonts/bebasneue_regular-webfont.html FQDN: gaminghelper.co IP: 91.223.82.61 HASH: bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 15948 Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: "6131c11b-3e4c" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data Size: 15948 Md5: af83f1b88fb4654673e9c841bd22a8c7 Sha1: 61e5a340ea87431211d732024f2703dca5b80cbc Sha256: bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6 Alerts: Blocklists: - quad9: Sinkholed
GET /fonts/bebasneue_bold-webfont.html HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/fonts/bebasneue_bold-webfont.html FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 15216 Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: "6131c118-3b70" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data Size: 15216 Md5: 772fc6a0795e2498a1715526dd95ac22 Sha1: d410a8da10385a0ef11a74e69644493b99315fc3 Sha256: 13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830 Alerts: Blocklists: - quad9: Sinkholed
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ec6ece82a7cb8faa3ba171efae3a9eda Sha1: 7ee75fba9a9d1078960f7834d71961c38f514b82 Sha256: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
GET /fonts/et-line.woff HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://gaminghelper.co/css/style.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/fonts/et-line.woff FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c 91.223.82.61 HTTP/1.1 200 OK Content-Type: font/woff Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Content-Length: 55220 Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c120-d7b4" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: Web Open Font Format, CFF, length 55220, version 1.0\012- data Size: 55220 Md5: b01ff252761958325faab1535c90c87f Sha1: d33413e7bc42acc8837cc9030ca45d29c1ccf0c6 Sha256: 19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 637188ae41751baf54e15118fbc4eb9843439999c985ad878df4ed2697a47425 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "637188AE41751BAF54E15118FBC4EB9843439999C985AD878DF4ED2697A47425" Last-Modified: Tue, 06 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Wed, 07 Dec 2022 22:12:36 GMT Date: Wed, 07 Dec 2022 16:12:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d606ffbcb9c4b488237ebb5158a199c4 Sha1: ba1cbe8c82aed0f331e5f9cd6b1591b1c61f0f9d Sha256: 637188ae41751baf54e15118fbc4eb9843439999c985ad878df4ed2697a47425
GET /_/translate_http/_/js/k=translate_http.tr.no.-1M3Gp9Xl7M.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq0ggZFoVeigagsNVCTXEiRqpVJTQ/m=el_main HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: translate.googleapis.com/_/translate_http/_/js/k=transl (...) FQDN: translate.googleapis.com IP: 172.217.21.170 HASH: 2da6deee56e80a36d746b8f1b4bd8840d84092465a02e33fdfd102e099c72513 172.217.21.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 75162 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 05 Dec 2022 20:59:13 GMT expires: Tue, 05 Dec 2023 20:59:13 GMT cache-control: public, max-age=31536000 last-modified: Sat, 03 Dec 2022 22:11:16 GMT age: 155603 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1613) Size: 75162 Md5: 15289add7809b936b7e36ebe5e0fde87 Sha1: be7b27824c8a52c3b4eb23ad109f5d7db874c27f Sha256: 2da6deee56e80a36d746b8f1b4bd8840d84092465a02e33fdfd102e099c72513
GET /matomo.js HTTP/1.1 Host: track.enigmacdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: track.enigmacdn.com/matomo.js FQDN: track.enigmacdn.com IP: 91.223.82.61 HASH: f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881 91.223.82.61 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Last-Modified: Wed, 26 May 2021 02:21:35 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding ETag: W/"60adb0af-f330" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (1404) Size: 20210 Md5: 8cd72e4f9c8225acdd40bf7dc2406e19 Sha1: 0cd39b8143536dfb54d1224e502ccc6567081204 Sha256: f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9B471A64F51D01DC302AD60957AD702F536D4E2682EE9A594FE2253E1101D909" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14812 Expires: Wed, 07 Dec 2022 20:19:28 GMT Date: Wed, 07 Dec 2022 16:12:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 93cd4106946bc499c4dbdfcab6ea7718 Sha1: 5628412fd5319f549699b48bc27ff0f2f334e6bd Sha256: 9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909
GET /app/431946152/img/favicon-16x16.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Cookie: username1Cookie=Priscilla; username2Cookie=Eliano Fallaci; username3Cookie=Anacleto; comment1Cookie=thank you admin! works for me!! thanks ! =3; comment2Cookie=thanks for sharing . thanks a lot dude!!!! WORKS like a charm!!! .. c:; comment3Cookie=Wow.. :) that was amazing!!! thanks a lot for this. now i dont need to buy Cash! thanks a lot ! c: thanks for sharing .. many thanks! Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/app/431946152/img/favicon-16x16.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 85135e250f1ecaa08eda5189127f3f588ec1fa2ac1fa5774256f1cddd127b227 91.223.82.61 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Wed, 07 Dec 2022 16:12:35 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/8.0.8RC1 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923) Size: 20003 Md5: 9718c9b8482d1c30d291668213aff3cc Sha1: 63f8f60e96d82c4a2b6158ab0ce93200ed0cd290 Sha256: 85135e250f1ecaa08eda5189127f3f588ec1fa2ac1fa5774256f1cddd127b227 Alerts: Blocklists: - quad9: Sinkholed
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 9c302444a6061fae42d35bed8925886e8a40da5451854bb8532609fc8fcbe4af 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 16:12:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: fc2588383a243df01d1255141b903d58 Sha1: 4b5d8ef65adff20fb016f71fc106058c39b6de46 Sha256: 9c302444a6061fae42d35bed8925886e8a40da5451854bb8532609fc8fcbe4af
GET /js15_as.js HTTP/1.1 Host: s10.histats.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s10.histats.com/js15_as.js FQDN: s10.histats.com IP: 46.105.201.240 HASH: 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1 46.105.201.240 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Wed, 07 Dec 2022 16:09:10 GMT etag: "-375139978" last-modified: Thu, 16 Apr 2020 10:44:16 GMT x-request-id: 733315137 content-encoding: br x-cdn-pop: sbg x-cdn-pop-ip: 137.74.120.0/27 x-cacheable: Matched cache accept-ranges: bytes content-length: 4364 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (11440), with no line terminators Size: 4364 Md5: ed192092c129db6123a3397855f42619 Sha1: 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e Sha256: 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/images/branding/product/1x/translate_24 (...) FQDN: www.gstatic.com IP: 216.58.211.3 HASH: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99 216.58.211.3 HTTP/2 200 OK content-type: image/png accept-ranges: bytes vary: Origin cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 846 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 15:59:23 GMT expires: Thu, 07 Dec 2023 15:59:23 GMT cache-control: public, max-age=31536000 last-modified: Thu, 14 Oct 2021 09:08:00 GMT age: 793 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size: 846 Md5: e9cd262114358f26b7608b56905185dc Sha1: 6dbde0a96deaab2b529723ce26c62043cf9180ab Sha256: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670429555847&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-71515688&@b3:1670429556&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2F1x1x1x1-roblox-id-game-hack&@w HTTP/1.1 Host: s4.histats.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1 (...) FQDN: s4.histats.com IP: 149.56.240.131 HASH: 843b3d523f115c807f49f65d862a3e26a6a35a4f0ba3d8f33e285013973e40ba 149.56.240.131 HTTP/1.1 200 OK Content-Type: text/html;charset=UTF-8 Date: Wed, 07 Dec 2022 16:12:36 GMT Content-Length: 51 Connection: close --- Additional Info --- Magic: ASCII text, with no line terminators Size: 51 Md5: 8f0b6943afe685890bb2a5b536939487 Sha1: a4c989314303b6e4a4aa7dc76a55d10e5147fa10 Sha256: 843b3d523f115c807f49f65d862a3e26a6a35a4f0ba3d8f33e285013973e40ba
POST /matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=420213&h=16&m=12&s=35&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2F1x1x1x1-roblox-id-game-hack&_id=959ba2a74173b26f&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=FpRgfu&pf_net=356&pf_srv=56&pf_tfr=39&pf_dm1=1869 HTTP/1.1 Host: track.enigmacdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=utf-8 Content-Length: 0 Origin: https://gaminghelper.co Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: track.enigmacdn.com/matomo.php?action_name=Robux%20Gene (...) FQDN: track.enigmacdn.com IP: 91.223.82.61 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 91.223.82.61 HTTP/1.1 204 No Response Content-Type: text/html; charset=UTF-8 Server: nginx Date: Wed, 07 Dec 2022 16:12:36 GMT Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=60 X-Powered-By: PHP/8.0.8RC1 Access-Control-Allow-Origin: https://gaminghelper.co Access-Control-Allow-Credentials: true --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/cf/Spain.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Cookie: username1Cookie=Priscilla; username2Cookie=Eliano Fallaci; username3Cookie=Anacleto; comment1Cookie=thank you admin! works for me!! thanks ! =3; comment2Cookie=thanks for sharing . thanks a lot dude!!!! WORKS like a charm!!! .. c:; comment3Cookie=Wow.. :) that was amazing!!! thanks a lot for this. now i dont need to buy Cash! thanks a lot ! c: thanks for sharing .. many thanks!; _pk_id.1.166e=959ba2a74173b26f.1670429556.; _pk_ses.1.166e=1; HstCfa4515739=1670429555847; HstCla4515739=1670429555847; HstCmu4515739=1670429555847; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=160059; timePosted22Cookie=103474; timePosted33Cookie=64926 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/cf/Spain.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: 536e878615b908a0a15838096aaaffdadf7c079c73cdee4457bc964001b12428 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:37 GMT Content-Length: 1413 Last-Modified: Fri, 03 Sep 2021 06:33:03 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c19f-585" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 1413 Md5: 1b4684a24835b94ae1550ab478916e78 Sha1: c84b6e0ce342ecdd2f789b4f092e2139e859091b Sha256: 536e878615b908a0a15838096aaaffdadf7c079c73cdee4457bc964001b12428 Alerts: Blocklists: - quad9: Sinkholed
GET /img/cf/Australia.png HTTP/1.1 Host: gaminghelper.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/app/431946152/1x1x1x1-roblox-id-game-hack Cookie: username1Cookie=Priscilla; username2Cookie=Eliano Fallaci; username3Cookie=Anacleto; comment1Cookie=thank you admin! works for me!! thanks ! =3; comment2Cookie=thanks for sharing . thanks a lot dude!!!! WORKS like a charm!!! .. c:; comment3Cookie=Wow.. :) that was amazing!!! thanks a lot for this. now i dont need to buy Cash! thanks a lot ! c: thanks for sharing .. many thanks!; _pk_id.1.166e=959ba2a74173b26f.1670429556.; _pk_ses.1.166e=1; HstCfa4515739=1670429555847; HstCla4515739=1670429555847; HstCmu4515739=1670429555847; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=163059; timePosted22Cookie=106474; timePosted33Cookie=67926 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: gaminghelper.co/img/cf/Australia.png FQDN: gaminghelper.co IP: 91.223.82.61 HASH: fd95fecd771de335148c8bfa9ae7623d432bf6ec237c61cc42b03203c7752736 91.223.82.61 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Wed, 07 Dec 2022 16:12:40 GMT Content-Length: 2236 Last-Modified: Fri, 03 Sep 2021 06:32:01 GMT Connection: keep-alive Keep-Alive: timeout=60 ETag: "6131c161-8bc" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 2236 Md5: 6e02b268dd832cf821f5a979231df494 Sha1: 303ccd6186acd8a641d1ab745e12028f75d1cd8e Sha256: fd95fecd771de335148c8bfa9ae7623d432bf6ec237c61cc42b03203c7752736 Alerts: Blocklists: - quad9: Sinkholed
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awe (...) FQDN: maxcdn.bootstrapcdn.com IP: 104.18.11.207 104.18.11.207 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 07 Dec 2022 16:12:34 GMT vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE cdn-edgestorageid: 565, 617, 617 last-modified: Mon, 25 Jan 2021 22:04:54 GMT cdn-cachedat: 2021-06-08 19:04:20 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5 cdn-status: 200 cdn-cache: HIT cf-cache-status: HIT age: 15873802 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 775e8b29298fb4f4-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: translate.google.com/translate_a/element.js?cb=googleTr (...) FQDN: translate.google.com IP: 216.58.211.14 216.58.211.14 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Wed, 07 Dec 2022 16:12:34 GMT cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: CONSENT=PENDING+283; expires=Fri, 06-Dec-2024 16:12:34 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /cl/js/114v1 HTTP/1.1 Host: downloadlocked.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaminghelper.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: downloadlocked.com/cl/js/114v1 FQDN: downloadlocked.com IP: 23.22.126.183 23.22.126.183 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 server: nginx date: Wed, 07 Dec 2022 16:12:35 GMT cache-control: no-cache, private access-control-allow-origin: * strict-transport-security: max-age=31536000; includeSubDomains x-robots-tag: none set-cookie: XSRF-TOKEN=eyJpdiI6InJ4UGZVQXZuM2NnekNHYU1OOXZjSmc9PSIsInZhbHVlIjoiUE93RXVZdHhrY2MvVElLcUhWVlQ5OS9NQ3BOTFEwSW92OVJyUG0rZGlRT0xEaHduaFEyeGRQeVhSQUlpWGJia0FtUmxIWTJaNGhvOEZ6MWR1bzVkcXdIdmdqVjNZa1g4emREZFdYTkhQVS92ZThJWHgxS2JGUnEwdkpoQ0Y4eG0iLCJtYWMiOiJkNmNjNjI3Y2E3NzUwNzFkNmM0MjVmZTE2ZTlmMWZiOTdhMDg4OGE1NDQ1MGViMjQwYTM2MmYzZGFkMjU3ODlhIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 12:12:35 GMT; Max-Age=72000; path=/; secure; samesite=none ogads_session=eyJpdiI6IlZLU3pydzkvQTFPT0VZYkFqRHJqN1E9PSIsInZhbHVlIjoiTC9GUm82eko2cDdabHdWSEU5b2FISVU0YWxyVXlpTVVJZDlqSEgxSlU0NlV3anZVbzN3eGFZZE90d3pjUGk5NitOWndyZ3V2TjBQRmZ3bWRZK3d2WklLbk1VOEQzc3pzYnlXVE1HdVdkZDdCWlpwTjRvTmNKeFFhWUxXUll0a1UiLCJtYWMiOiJlMjMwYzJlOTE4MTZhY2ZmZDdjZDA1NjBhMDFmYzIyYThjMDA4YjU2ZmMzMTg1ODg0MGMyNjJhNTAyZDEyODZlIiwidGFnIjoiIn0%3D; expires=Thu, 08 Dec 2022 12:12:35 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none x-xss-protection: 1; mode=block, 1; mode=block x-content-type-options: DENY, nosniff X-Firefox-Spdy: h2 --- Additional Info ---

URL	netcdn.co/app/431946152/1x1x1x1-roblox-id-game-hack
IP	91.223.82.61 (Netherlands)
ASN	#199968 Iws Networks LLC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-07 16:12:44 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	32
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (23)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.223.82.61

Last 5 reports on ASN: Iws Networks LLC

Last 5 reports on domain: netcdn.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (21)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (87)

Overview

Domain Summary (23)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.223.82.61

Last 5 reports on ASN: Iws Networks LLC

Last 5 reports on domain: netcdn.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (21)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (87)

Network Intrusion Detection Systems