Report - netcdn.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack

Report Overview

Submitted URL
netcdn.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
IP
91.223.82.61
ASN
#199968 Iws Networks LLC
Submitted
2022-12-15 09:06:44
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-09T06:28:40Z	843 B	4.3 kB	142.250.74.3
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	4.8 kB	9.8 kB	142.250.74.131
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-09T07:18:27Z	788 B	84 kB	142.250.74.106
i0.wp.com	3021	2013-09-17T08:14:42Z	2023-03-09T05:15:08Z	392 B	1.2 kB	192.0.77.2
is1-ssl.mzstatic.com	1597	2015-02-12T11:39:50Z	2023-03-09T05:15:38Z	506 B	13 kB	23.38.200.24
track.enigmacdn.com	unknown	2021-07-17T03:36:30Z	2022-12-17T10:20:46Z	1.2 kB	21 kB	91.223.82.61
netcdn.co	unknown	2021-06-14T04:08:46Z	2022-12-17T11:07:10Z	404 B	592 B	91.223.82.61
downloadlocked.com	127304	2021-10-06T20:17:41Z	2023-03-07T00:29:12Z	365 B	4.5 kB	23.22.126.183
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T06:38:59Z	503 B	46 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	3.2 kB	40 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T06:38:15Z	402 B	746 B	142.250.74.106
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-09T05:12:20Z	408 B	807 B	216.58.211.14
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.7 kB	9.8 kB	23.33.119.27
gaminghelper.co	unknown	2021-10-07T06:32:40Z	2022-12-17T11:01:17Z	19 kB	278 kB	91.223.82.61
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	54.186.169.128
s10.histats.com	15211	2012-05-21T19:14:14Z	2023-03-09T05:19:14Z	361 B	4.7 kB	46.105.201.240
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	1.0 kB	2.0 kB	93.184.220.29
s4.histats.com	12782	2012-05-21T19:14:14Z	2023-03-09T05:19:14Z	643 B	183 B	54.39.156.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-15	medium	gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack	Phishing
2022-12-15	medium	gaminghelper.co/js/fancySelect.js	Phishing
2022-12-15	medium	gaminghelper.co/js/jquery.countTo.js	Phishing
2022-12-15	medium	gaminghelper.co/js/sweetalert2.min.js	Phishing
2022-12-15	medium	gaminghelper.co/js/validator.min.js	Phishing
2022-12-15	medium	gaminghelper.co/js/form-scripts.js	Phishing
2022-12-15	medium	gaminghelper.co/js/com.js	Phishing
2022-12-15	medium	gaminghelper.co/js/jquery.magnific-popup.min.js	Phishing
2022-12-15	medium	gaminghelper.co/js/sticky.js	Phishing
2022-12-15	medium	gaminghelper.co/js/main.js	Phishing
2022-12-15	medium	gaminghelper.co/fonts/bebasneue_bold-webfont.html	Phishing
2022-12-15	medium	gaminghelper.co/fonts/bebasneue_regular-webfont.html	Phishing
2022-12-15	medium	gaminghelper.co/fonts/et-line.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed
2022-12-15	medium	gaminghelper.co	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-09	2023-03-09
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:03:56 Last Seen2023-03-09 10:03:56 Times Seen1 Hash 8223f7114877a9648d748c1af535b058 28c8a602a4549b7d8849ebccfe21ac8470bfa85d 3a7c86351fa44e75b0f21975e7b96843a6c6c9eed4b79d32f78bcb2b39c368a9 Loading...

	gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack	134 B	2023-03-07	2024-04-18
Pretty URL gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 00:42:05 Times Seen298 Hash 75606a24bd728e5d7d7256fbb679bc26 7bfbb31c174ab2a6f4c68c9852c8444c075eab43 9932726d2c87611c904eb0b04d822e785cd73f693838aa2cae3fc90a7d8d7746 Loading...

	track.enigmacdn.com/matomo.js	62 kB	2023-03-07	2024-03-21
Pretty URL track.enigmacdn.com/matomo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-21 00:53:25 Times Seen62 Hash d11aac5ce224776b3bf4b7f3830b5715 3f839e5521a7c2bb935398532d88ed0db6d7ef82 06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018 Loading...

	gaminghelper.co/js/sweetalert2.min.js	20 kB	2023-03-07	2024-02-10
Pretty URL gaminghelper.co/js/sweetalert2.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-02-10 04:05:40 Times Seen448 Hash 0ad69b0e70b7da1bb8f8a96e9e6b5d9a 7d21a0c1f43d3edb47dd9e69b05243f3fcb53152 4051f26691def4eafcae32928be110c13d1819e544a12b0a9b95378bfaf9859b Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js	200 kB	2023-03-07	2024-03-22
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-03-22 19:16:45 Times Seen485 Hash 234f1553c7d27cce512062c59800a9a8 b48e01c35c1e6ad622386b9a3161bd1bf02723c8 d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 08:08:43 Times Seen36931488 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gaminghelper.co/js/main.js	41 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/main.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:45 Times Seen1 Hash bede286c34301eb26586b72e75e78b04 9532a06f8a2e823a3e9bf2aad3db9e9ac68fd350 3bcd8ddbc045a523b9ee81867e298a40d75a2a2ecc53d44257f2487c50bbe02c Loading...

	downloadlocked.com/cl/js/114v1	2.8 kB	2023-03-07	2023-03-17
Pretty URL downloadlocked.com/cl/js/114v1 IP 23.22.126.183 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 1f988d013c5e133555235469c0c92616 d8b81b2e5f125680c977a6e296580e55088db6a9 82989a0b0aa7050c358cdac4edcedada2e6f58f02861418bfa375dd92a037f00 Loading...

	gaminghelper.co/js/jquery.countTo.js	3.8 kB	2023-03-07	2024-04-05
Pretty URL gaminghelper.co/js/jquery.countTo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-05 06:37:17 Times Seen457 Hash acad36d38da9f68c52bb074b2c478d0f 922c71c5699f9306a415a7a344be46d92e0fc4a1 00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2 Loading...

	gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack	22 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-03-17 12:42:32 Times Seen1 Hash 8f1921eedeaf84979b94a5ee06db8361 6e986775e93672eab866417d2700167d0779523c 6ce4811a222a24eb818fb70f6adfc65138c800dc3118a733e143d624c4fb9fcb Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	gaminghelper.co/js/validator.min.js	6.1 kB	2023-03-07	2024-04-12
Pretty URL gaminghelper.co/js/validator.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-12 19:45:27 Times Seen915 Hash 81df0465f243a2e7b7b06b8ad6015173 996eb26bb4bdb44ed5257d048cedaf3ed0a6f90c c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1 Loading...

	gaminghelper.co/js/jquery.magnific-popup.min.js	21 kB	2023-03-07	2024-04-17
Pretty URL gaminghelper.co/js/jquery.magnific-popup.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-17 19:29:15 Times Seen2397 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671095192458&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-164584887&@b3:1671095192&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&@w	51 B	2023-03-09	2023-03-09
Pretty URL s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671095192458&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-164584887&@b3:1671095192&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&@w IP 54.39.156.32 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:03:56 Last Seen2023-03-09 10:03:56 Times Seen1 Hash 900ddb05f5672f370e5a90c0c291433e 4fa1cd7af582e62c3b49f1597f30dba88c335e8e 8cdcb31710e2f2e801439f7c852939fe0e3865bd18c0317b5dd1cf5db50d39ee Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	gaminghelper.co/js/fancySelect.js	6.8 kB	2023-03-07	2024-01-29
Pretty URL gaminghelper.co/js/fancySelect.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-29 12:40:14 Times Seen59 Hash c74159f77d12d9998d8c173e153b7999 5dd2266cf7eb14f2967be6691b7ff0e393cba733 be013828b8a66ccdbdc65234532cfd4a04a73c7778a42d7b0bf952278846f1a2 Loading...

	gaminghelper.co/js/com.js	18 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/com.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 25da4b390ac3c74f08d94136ab818c4f 9f958878fd1eebaa29814ad9fb2ef2b0e64850ca 7c8c1910127d6819826ff82fadaa97c734c68e7b1dca436ab0e52ada016940cc Loading...

	gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack	536 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash e5b8ea1cfa205b2dac9f8a92205f59fa b128ca1db079d2e4c4b781ea52d16677b18a8f0d e511583166051fad920d844a259034a0186bc0287371ac576de4b33dfc1234ee Loading...

	gaminghelper.co/js/form-scripts.js	1.5 kB	2023-03-07	2024-01-23
Pretty URL gaminghelper.co/js/form-scripts.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-23 15:52:36 Times Seen12 Hash 1ed21b81ae655c54943ed33ea9109c4a 0aa5bc09f55ef28b87dba9025094ec8b2a9ed8a0 135922615df355461155701925a7534d9e94c0d0433160ffa68c100ed9524e14 Loading...

	gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack	424 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 12:49:45 Times Seen1 Hash 78ba106660ccbf94e4396883aae7f529 ae295fb3fbe8c1306d8a3c268429d0360e82218b adf239ecfa137f53ba82a75fe82b26ed11768e184b8904d2f35655749ad5dd22 Loading...

HTTP Transactions (89)

URL IP Response Size

netcdn.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack

91.223.82.61

301 Moved Permanently

295 B

URL HTTP/1.1
netcdn.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
295 B (295 bytes)
Hash
8064a2e299d8115cecf310259d56a66a
1237b5b51cee42ebe0eaf300fc6474e87bca75d0
d1cd6a827b4451376499f0d70b74ccdb5f8e0d392bea3aa15b154d054c5c2ff6

HTTP Headers

GET /app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack HTTP/1.1
Host: netcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9838
Expires: Thu, 15 Dec 2022 11:50:31 GMT
Date: Thu, 15 Dec 2022 09:06:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20585
Expires: Thu, 15 Dec 2022 14:49:38 GMT
Date: Thu, 15 Dec 2022 09:06:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 08:33:53 GMT
content-type: application/json
age: 1960
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9588
Expires: Thu, 15 Dec 2022 11:46:21 GMT
Date: Thu, 15 Dec 2022 09:06:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lg55TiBwUO0LKywL8J6cgDjuLvgPIs0eCm4V0YRKQ0VyJqhIQB9Tg37tOwFoUZPx+VNfmIVmo1I=
x-amz-request-id: T7TZ206NVGKRZRQB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 08:50:51 GMT
age: 942
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
693fb7e154d47e4ca00583d356044bcf
5382a15dac0beba4775213c856171a39f8a5f646
06eed5cae42fe2547330cb15920aabb03e3b5016c0c2e8f94284cd605ccbc752

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06EED5CAE42FE2547330CB15920AABB03E3B5016C0C2E8F94284CD605CCBC752"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12646
Expires: Thu, 15 Dec 2022 12:37:19 GMT
Date: Thu, 15 Dec 2022 09:06:33 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 09:06:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20003 bytes)
Hash
94d17b53e2271b5c8ee9d31c9c3a57d2
58af2bb33446f359b61abecf0e9260f58a1cfe6f
2332bf48b3f4bed1d741a0ad0a77dee6ce0ab4d1fc1b929ebe8a3c69df1e230d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

gaminghelper.co/css/bootstrap.min.css

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/css/bootstrap.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (65371)
Size
20 kB (19597 bytes)
Hash
3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/animate.css

91.223.82.61

200 OK

4.0 kB

URL HTTP/1.1
gaminghelper.co/css/animate.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
4.0 kB (4026 bytes)
Hash
48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/sweetalert2.min.css

91.223.82.61

200 OK

2.7 kB

URL HTTP/1.1
gaminghelper.co/css/sweetalert2.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (13987), with no line terminators
Size
2.7 kB (2737 bytes)
Hash
1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/fancySelect.js

91.223.82.61

200 OK

1.7 kB

URL HTTP/1.1
gaminghelper.co/js/fancySelect.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.7 kB (1661 bytes)
Hash
a60791b5b353371813114e815d946494
69d1f371b0ed899641e640b2649c0914302812bd
5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/fancySelect.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-1a7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/magnific-popup.css

91.223.82.61

200 OK

2.0 kB

URL HTTP/1.1
gaminghelper.co/css/magnific-popup.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
2.0 kB (1994 bytes)
Hash
c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/fancySelect.css

91.223.82.61

200 OK

1.0 kB

URL HTTP/1.1
gaminghelper.co/css/fancySelect.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.0 kB (1023 bytes)
Hash
458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/style.css

91.223.82.61

200 OK

8.5 kB

URL HTTP/1.1
gaminghelper.co/css/style.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1512)
Size
8.5 kB (8520 bytes)
Hash
4d36bdeba8bb00f4ee280771fddfa689
8dfbed7251f5bb010d5fe8f64e0d60abc3e9fd54
08bb84420272831b8755bc5bd2858bf8a486006a9367b670d826ee516262a2c8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-bd7b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/jquery.countTo.js

91.223.82.61

200 OK

1.1 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.countTo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.1 kB (1125 bytes)
Hash
547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sweetalert2.min.js

91.223.82.61

200 OK

6.5 kB

URL HTTP/1.1
gaminghelper.co/js/sweetalert2.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (20305), with no line terminators
Size
6.5 kB (6538 bytes)
Hash
b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/validator.min.js

91.223.82.61

200 OK

2.1 kB

URL HTTP/1.1
gaminghelper.co/js/validator.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (5862)
Size
2.1 kB (2094 bytes)
Hash
1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/form-scripts.js

91.223.82.61

200 OK

609 B

URL HTTP/1.1
gaminghelper.co/js/form-scripts.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
609 B (609 bytes)
Hash
4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/com.js

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/js/com.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
C source, Unicode text, UTF-8 text, with very long lines (2456)
Size
3.3 kB (3265 bytes)
Hash
ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/jquery.magnific-popup.min.js

91.223.82.61

200 OK

7.7 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.magnific-popup.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (21014)
Size
7.7 kB (7685 bytes)
Hash
12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/sticky.js

91.223.82.61

200 OK

0 B

URL HTTP/1.1
gaminghelper.co/js/sticky.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=170881
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:34:35 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32025)
Size
30 kB (29725 bytes)
Hash
83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421

HTTP Headers

GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 16:58:49 GMT
expires: Sun, 10 Dec 2023 16:58:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 403665
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js

142.250.74.106

200 OK

52 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
52 kB (51711 bytes)
Hash
d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37

HTTP Headers

GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 04:06:37 GMT
expires: Tue, 12 Dec 2023 04:06:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 277197
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
215b076267525eee2fadb8d889e5f351
28d0a048b68627916191262fee89a8db4b1614b2
44da07142c9aad7201a7ccb38b4bf03c82f1a66b730a953c0306fe09e3025ad5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/main.js

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/js/main.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (16162)
Size
15 kB (15195 bytes)
Hash
562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
354d1c71c6eb7ea571e1c63b44ed38d2
e72580fcbd87651c2591aa7802047598446d62dc
e7d77d4facda5f5683708ba8211bcf1a2253543f6fac8f3d9a82aa2f93fe1d56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7D77D4FACDA5F5683708BA8211BCF1A2253543F6FAC8F3D9A82AA2F93FE1D56"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1590
Expires: Thu, 15 Dec 2022 09:33:04 GMT
Date: Thu, 15 Dec 2022 09:06:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 08:33:21 GMT
age: 1993
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6c9f05fb499af4966a29ef3512602332
4b9a332ca18810028ea54c3b867feed1c49267e3
75342aaa31f02e9359554002a384b25bad7e12352bb89859068d07a62d4c2e2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=170881
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Etag: "639ac640-117"
Expires: Sat, 17 Dec 2022 08:34:35 GMT
Last-Modified: Thu, 15 Dec 2022 07:01:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
215b076267525eee2fadb8d889e5f351
28d0a048b68627916191262fee89a8db4b1614b2
44da07142c9aad7201a7ccb38b4bf03c82f1a66b730a953c0306fe09e3025ad5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

downloadlocked.com/cl/js/114v1

23.22.126.183

200 OK

3.3 kB

URL HTTP/2
downloadlocked.com/cl/js/114v1
IP
23.22.126.183:0
ASN
#14618 AMAZON-AES

File type
data
Size
3.3 kB (3270 bytes)
Hash
0665c277e9c11d3f6780d4cf91a41013
2ee7fc0320b5ed32d7ab1f058244b536bc46a993
315ca8b91e07485fa6d4c446186dc10eee57a1eb76dafd5f945033f6f105a943

HTTP Headers

GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 09:06:34 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Im9JN3RSc2dxL1ZzOGRGdnlNczlEVkE9PSIsInZhbHVlIjoiRys1Z01VZjlucGdzQnBwdVpqMDVNVUlPTFlTN1NwaHl6QXJ0clZYcmxxOXY4WWticldHNDRFN0poME5hME0zRTBxL2g1Y1RTQVhQTjNHaE9ESXFKRlFtTTlHa2dubUE1T1hwUXFkMmVMRFBQZ3ZvWUxqTEZQM0JuV3JYWVVyTmUiLCJtYWMiOiJkMGQ1YmU5NDdiYjVlYWY5ZTZlMDY5OGQ2ZTliZDRlOTljMWY0M2M5OWJmNmQ3YTU2ODkzN2Y5ODJiMjdmZjdhIiwidGFnIjoiIn0%3D; expires=Fri, 16 Dec 2022 05:06:34 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6IlNIbTZ3UmdDeHZrTDZYcWp4d1ZFVGc9PSIsInZhbHVlIjoiUmtZbVZ1TWxrMWRlck9OeEYxRmd2MkNpU3Y3bE5nNnFSdFJOaEgxMWh6UFdramxIaEsxQVViTG0wTXF2Q3llMXZFVjk1MVFjTWxQbXVGYk9MMWNnczdnMW5MZWdtaXkyaHVPd1lyeHpZUktjeUV5eVNldk5UdzBJY1hIUm5Pdk4iLCJtYWMiOiIwMjMxNGU0OTIwNjAyZjE3OGFlYTcxMmE2ZDQwMTlhODg1OWRlYzg2MzI2Yjc1OTJjODY0ZmQ5YTI3MDdmOWI3IiwidGFnIjoiIn0%3D; expires=Fri, 16 Dec 2022 05:06:34 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d222dbabfba908b165152f8246ce101f
cd11bd45f74ad81c46f9a27cbe16abc90d3d27c4
8dc54a7502743c86c5e6b1da0eb3b811a161b51d8ad627e491ca97176258aa37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3921
Cache-Control: max-age=117733
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Etag: "6399fd2e-1d7"
Expires: Fri, 16 Dec 2022 17:48:47 GMT
Last-Modified: Wed, 14 Dec 2022 16:43:26 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

i0.wp.com/enigmanetwork.net/dmca.png

192.0.77.2

200 OK

668 B

URL HTTP/2
i0.wp.com/enigmanetwork.net/dmca.png
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
668 B (668 bytes)
Hash
fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f

HTTP Headers

GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 09:06:34 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg

23.38.200.24

200 OK

12 kB

URL HTTP/2
is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg
IP
23.38.200.24:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Size
12 kB (12213 bytes)
Hash
eaa6067e2c9d149e326fbcfbc7d2367b
e2bb57b2028e5a3f04e59db618d87b0fb4818230
2ad1acfa41c0453140b8739505564112b5c255f6b1eca9a6338310db44061f26

HTTP Headers

GET /image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12213
x-apple-jingle-correlation-key: OOCNGUETKYYAYBWWGPU42467XM
x-apple-request-uuid: 7384d350-9356-300c-06d6-33e9cd73dfbb
b3: 7384d3509356300c06d633e9cd73dfbb-aa58e7e80c2524bd
x-b3-traceid: 7384d3509356300c06d633e9cd73dfbb
x-b3-spanid: aa58e7e80c2524bd
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 08 Dec 2022 22:54:33 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjcwNTQwMDczMTIxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMjg0LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE175:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: db1ce18a-00fc-451a-9389-ab5a87cb7b33-3886458766
cache-control: no-transform, max-age=14884525
date: Thu, 15 Dec 2022 09:06:34 GMT
x-cache: TCP_MEM_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
X-Firefox-Spdy: h2

gaminghelper.co/img/robux.png

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/img/robux.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14564 bytes)
Hash
9c5420a8f8c55be36294fce245595dba
4b9a024b51a475b1b7514a7650ff684ec9323572
44e5a0923e6a0c2157435f215db9d3c2edf95408dfb3d87fa553830f582e24fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/robux.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 14564
Last-Modified: Fri, 03 Sep 2021 06:31:43 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14f-38e4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/main-bg.jpg

91.223.82.61

200 OK

9.4 kB

URL HTTP/1.1
gaminghelper.co/img/main-bg.jpg
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
9.4 kB (9365 bytes)
Hash
d93b1723b2a2723d48696c5a6cae3b7e
6f69bdc7079dd114f6fc816c5098f80b58c7b794
efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/main-bg.jpg HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c143-2495"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/pr-l.png

91.223.82.61

200 OK

7.5 kB

URL HTTP/1.1
gaminghelper.co/img/pr-l.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
7.5 kB (7453 bytes)
Hash
91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1405 bytes)
Hash
92b84c143879abe85792a3408ae4845d
1f8e983f7514d582e81cfee98ad8bb40ced26972
dcf687cc9a059bc7a036faf3a86c50103d04e1fdca867deb7553ec9136719f0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 1405
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-57d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg-r.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1393 bytes)
Hash
bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/button-dot.png

91.223.82.61

200 OK

672 B

URL HTTP/1.1
gaminghelper.co/img/button-dot.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Size
672 B (672 bytes)
Hash
478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/button-dot.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 672
Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c132-2a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/panel-overlay.png

91.223.82.61

200 OK

3.1 kB

URL HTTP/1.1
gaminghelper.co/img/panel-overlay.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Size
3.1 kB (3116 bytes)
Hash
2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/pr-r.png

91.223.82.61

200 OK

11 kB

URL HTTP/1.1
gaminghelper.co/img/pr-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11003 bytes)
Hash
284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 224033
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/img/btn-img.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/btn-img.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/bebasneue_bold-webfont.html

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Size
15 kB (15216 bytes)
Hash
772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/fonts/bebasneue_regular-webfont.html

91.223.82.61

200 OK

16 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Size
16 kB (15948 bytes)
Hash
af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/close.png

91.223.82.61

200 OK

4.9 kB

URL HTTP/1.1
gaminghelper.co/close.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4878 bytes)
Hash
fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Sweden.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Sweden.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1211 bytes)
Hash
7feabb1881584be6eebec51635c660a3
a59a164705c5a80894fad514257abe660d4dc5fb
f577b1bb05cbd810b2a0b040113f68b568f12a1649ed6321c7762d4898820279

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Sweden.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: image/png
Content-Length: 1211
Last-Modified: Fri, 03 Sep 2021 06:33:05 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1a1-4bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/et-line.woff

91.223.82.61

200 OK

55 kB

URL HTTP/1.1
gaminghelper.co/fonts/et-line.woff
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format, CFF, length 55220, version 1.0\012- data
Size
55 kB (55220 bytes)
Hash
b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/et-line.woff HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: font/woff
Content-Length: 55220
Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c120-d7b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
049f5e7458078d37e94c3457ec1d8c94
58c25a6279ecc9b11aeac59c904ef7faceb8ec8d
50c5b94c7c0b721e338944fd3cab4733b6bff53351ad0e545c6130746a681b06

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50C5B94C7C0B721E338944FD3CAB4733B6BFF53351AD0E545C6130746A681B06"
Last-Modified: Tue, 13 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12668
Expires: Thu, 15 Dec 2022 12:37:42 GMT
Date: Thu, 15 Dec 2022 09:06:34 GMT
Connection: keep-alive

push.services.mozilla.com/

54.186.169.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.169.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I98elL80XbGJmUPVEYLgMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e7qS7KgwUvv9qrgw+P7FKFBMhyY=

track.enigmacdn.com/matomo.js

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
track.enigmacdn.com/matomo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1404)
Size
20 kB (20210 bytes)
Hash
8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881

HTTP Headers

GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a2d26c39e35884fba93ecbe753165e7
9fc88cd345a6dad1adeb3352de2498653106a735
c33cd921dcd2bc58b48d83d2ea4ae109bd854e7460862ed2dc37f49ffd637787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C33CD921DCD2BC58B48D83D2EA4AE109BD854E7460862ED2DC37F49FFD637787"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18032
Expires: Thu, 15 Dec 2022 14:07:07 GMT
Date: Thu, 15 Dec 2022 09:06:35 GMT
Connection: keep-alive

gaminghelper.co/app/431946152/img/favicon-16x16.png

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/img/favicon-16x16.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20003 bytes)
Hash
94d17b53e2271b5c8ee9d31c9c3a57d2
58af2bb33446f359b61abecf0e9260f58a1cfe6f
2332bf48b3f4bed1d741a0ad0a77dee6ce0ab4d1fc1b929ebe8a3c69df1e230d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /app/431946152/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 15 Dec 2022 09:03:52 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 675710637
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.3

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 03:49:48 GMT
expires: Fri, 15 Dec 2023 03:49:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 19007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.3

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 23:44:48 GMT
expires: Thu, 14 Dec 2023 23:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 33707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 09:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671095192458&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-164584887&@b3:1671095192&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&@w

54.39.156.32

200 OK

51 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671095192458&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-164584887&@b3:1671095192&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&@w
IP
54.39.156.32:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
900ddb05f5672f370e5a90c0c291433e
4fa1cd7af582e62c3b49f1597f30dba88c335e8e
8cdcb31710e2f2e801439f7c852939fe0e3865bd18c0317b5dd1cf5db50d39ee

HTTP Headers

GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671095192458&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-164584887&@b3:1671095192&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 09:06:35 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close

track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=847947&h=9&m=6&s=32&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&_id=5ef6e6eaeeb910a9&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=ZP2SuS&pf_net=175&pf_srv=47&pf_tfr=35&pf_dm1=784

91.223.82.61

204 No Response

0 B

URL HTTP/1.1
track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=847947&h=9&m=6&s=32&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&_id=5ef6e6eaeeb910a9&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=ZP2SuS&pf_net=175&pf_srv=47&pf_tfr=35&pf_dm1=784
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=847947&h=9&m=6&s=32&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Fhow-to-hack-in-roblox-games-on-computer-game-hack&_id=5ef6e6eaeeb910a9&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=ZP2SuS&pf_net=175&pf_srv=47&pf_tfr=35&pf_dm1=784 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Response
Server: nginx
Date: Thu, 15 Dec 2022 09:06:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6891
Expires: Thu, 15 Dec 2022 11:01:27 GMT
Date: Thu, 15 Dec 2022 09:06:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6891
Expires: Thu, 15 Dec 2022 11:01:27 GMT
Date: Thu, 15 Dec 2022 09:06:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6891
Expires: Thu, 15 Dec 2022 11:01:27 GMT
Date: Thu, 15 Dec 2022 09:06:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6891
Expires: Thu, 15 Dec 2022 11:01:27 GMT
Date: Thu, 15 Dec 2022 09:06:36 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F886cc6e3-a038-4e4d-8da0-caf399786ff4.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F886cc6e3-a038-4e4d-8da0-caf399786ff4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4523 bytes)
Hash
b76e8c43482cb1f6e9d3f5dd55185382
364236e338c799f7d7a604882451428d12cdc7c7
375600e8bedfec8fa85da9298fc3322b91e97261dee7fd94b1dad8e6f4faed67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F886cc6e3-a038-4e4d-8da0-caf399786ff4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4523
x-amzn-requestid: 5404595d-f42f-49a0-9438-093b2fb1b852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dBXWTGEcIAMFdnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6396d28e-17f927945ee836a91a3148e0;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 07:04:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JBIoHXeeJIsyl_wj57ZEP_f1mg3eq0WJjgKveuc_DslNZzSiVf62Og==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 07:14:54 GMT
age: 6702
etag: "364236e338c799f7d7a604882451428d12cdc7c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42b56293-d558-42d1-901f-867d37373fc6.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8895 bytes)
Hash
7640549ee9aa35337ab50d76c1feb9d5
2668abdaf4bfba3f21f656582ad8953befefd237
28491baf033b5d2c4c128fa477591005490936faef2b057a6ad50eb152919aff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42b56293-d558-42d1-901f-867d37373fc6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8895
x-amzn-requestid: 7352e732-b98a-4baa-b0c2-a65c70ce6189
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8zAGvAIAMF9-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41ac-087b60d0270029100cf2ddc7;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aufLfAfh-yM9MwUCs3uPyIr471M_lHDlY_JVzqkuYibjzGhHxqyoiA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:50:29 GMT
age: 40567
etag: "2668abdaf4bfba3f21f656582ad8953befefd237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f949bdd-b2f9-4eba-91cf-0c0588f819de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5166 bytes)
Hash
860298771622d100fe1feafb0a1aac50
e5d9b7454c471d5e5dea8b4352ba7595a8a04ce3
93ea9f1b9a0276075ff9752dc31a5a19e4378ca481895a3cd22f461a8ca6040a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f949bdd-b2f9-4eba-91cf-0c0588f819de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5166
x-amzn-requestid: fa8e9bd0-e5ee-48e9-86b6-0330ccac7d69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6xc4GQYIAMFriA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63942f85-5f7472d631c1c9f560d88378;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 07:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B_yXACjMh8LALqEgc6Ld85CUk_CpEQrSsWsEUc0IwKrOQl2ExsIwlQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 02:23:39 GMT
age: 24177
etag: "e5d9b7454c471d5e5dea8b4352ba7595a8a04ce3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01abf6b9-c226-4fb9-a04c-780bd7d2c72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4458 bytes)
Hash
8cb5e379cd1deb179af4327a86d050a0
b2fa0167851b144bac3d3bd15d3757fa0af3bfd4
2bb59761578f1cf22838c159b92f09a4b498f9edfc71f011c7e46ec237d48cf6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01abf6b9-c226-4fb9-a04c-780bd7d2c72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4458
x-amzn-requestid: 3deddf47-7d8e-44fa-a99e-f91115c41a34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83JiEjmoAMFgQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950570-511c31485398647522ec02f7;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0XEUwxeJW20lQ42eiMZf_3szdBdpYggvD4YGYzN_10V6K65MjDBOYQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 11:09:03 GMT
age: 79053
etag: "b2fa0167851b144bac3d3bd15d3757fa0af3bfd4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7616 bytes)
Hash
0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 11:18:24 GMT
age: 78492
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3187 bytes)
Hash
1e72301b10bca35b0a570adb01aea806
ff5817aecda71a982779d5b12ba19e3264e964a3
3de1caddc5e0214a69e34ecb64be729a70462f8ea1852f2b9b97901bdc0fd3cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 01e45059-3240-4c5b-bd89-4cce8387e6f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUX0FUgoAMFYqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6765-1db6a3fd5433985e5f0687a7;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:49:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TclkFJlGT1ZDytZk9bIzUsJyzOTUp66anwZNtKnJIwbRHgxkoatdWQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 06:55:34 GMT
age: 7862
etag: "ff5817aecda71a982779d5b12ba19e3264e964a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/img/cf/Korea,-South.png

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Korea,-South.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3275 bytes)
Hash
41f0f3705aa596b0f6962ea9399ee6dd
3d4aad8fa66a3efb9caf8be47c4b4377d261ad8c
fa548cf60443c67ada1a3189f294b1192d6cebabbfe9e6c50d9dcae4926a1457

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Korea,-South.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.; _pk_id.1.166e=5ef6e6eaeeb910a9.1671095192.; _pk_ses.1.166e=1; HstCfa4515739=1671095192458; HstCla4515739=1671095192458; HstCmu4515739=1671095192458; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=207413; timePosted22Cookie=142585; timePosted33Cookie=109433
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:36 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Fri, 03 Sep 2021 06:32:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c182-ccb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Spain.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Spain.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1413 bytes)
Hash
1b4684a24835b94ae1550ab478916e78
c84b6e0ce342ecdd2f789b4f092e2139e859091b
536e878615b908a0a15838096aaaffdadf7c079c73cdee4457bc964001b12428

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Spain.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.; _pk_id.1.166e=5ef6e6eaeeb910a9.1671095192.; _pk_ses.1.166e=1; HstCfa4515739=1671095192458; HstCla4515739=1671095192458; HstCmu4515739=1671095192458; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=210413; timePosted22Cookie=145585; timePosted33Cookie=112433
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:39 GMT
Content-Type: image/png
Content-Length: 1413
Last-Modified: Fri, 03 Sep 2021 06:33:03 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c19f-585"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Indonesia.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Indonesia.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1181 bytes)
Hash
c1bd29515ef87d52d8cedc77783563e2
afe216e4eea16e660127ed4ada74f1237b2b0a54
47d80373c50c7ebb8f938597b0e6a69dde14575270bf3667d5681a11fdea75f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Indonesia.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.; _pk_id.1.166e=5ef6e6eaeeb910a9.1671095192.; _pk_ses.1.166e=1; HstCfa4515739=1671095192458; HstCla4515739=1671095192458; HstCmu4515739=1671095192458; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=211413; timePosted22Cookie=146585; timePosted33Cookie=113433
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:40 GMT
Content-Type: image/png
Content-Length: 1181
Last-Modified: Fri, 03 Sep 2021 06:32:29 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c17d-49d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Denmark.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Denmark.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1202 bytes)
Hash
f8655f1f24c7ee6e7f3812df40abd058
a2b2b0e18e634d6d88fa4fe8096faa0e23587094
9ba452d86b662525ea222c7aeba61d07142d68d0832198957d10d1ef1b228986

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Denmark.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/how-to-hack-in-roblox-games-on-computer-game-hack
Cookie: username1Cookie=Anacleto; username2Cookie=Marilena; username3Cookie=Eliano Fallaci; comment1Cookie=thanks for sharing !; comment2Cookie=works like a charm.. thanks admin..    I can not believe believe that this really works, generated 80000 Cash.. =D this is legit website .. thank you so much. =); comment3Cookie=WOW.. works like a charm.. thanks admin..  this is legit website   =3 thank you admin!  200000  Cash.; _pk_id.1.166e=5ef6e6eaeeb910a9.1671095192.; _pk_ses.1.166e=1; HstCfa4515739=1671095192458; HstCla4515739=1671095192458; HstCmu4515739=1671095192458; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=212413; timePosted22Cookie=147585; timePosted33Cookie=114433
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 09:06:41 GMT
Content-Type: image/png
Content-Length: 1202
Last-Modified: Fri, 03 Sep 2021 06:32:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c170-4b2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans:300,400,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 09:06:34 GMT
date: Thu, 15 Dec 2022 09:06:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Dec 2022 09:06:34 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+129; expires=Sat, 14-Dec-2024 09:06:34 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP