Report - netcdn.co/app/431946152/roblox-script-hack-cheat-engine-game-hack

Report Overview

Submitted URL
netcdn.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
IP
91.223.82.61
ASN
#199968 Iws Networks LLC
Submitted
2022-12-14 13:39:14
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
94

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	1.4 kB	2.7 kB	93.184.220.29
s4.histats.com	12782	2012-05-21T19:14:14Z	2023-03-09T05:19:14Z	634 B	183 B	149.56.240.130
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-09T07:05:24Z	416 B	894 B	104.18.10.207
gaminghelper.co	unknown	2021-10-07T06:32:40Z	2022-12-17T11:01:17Z	18 kB	269 kB	91.223.82.61
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T06:38:59Z	503 B	46 kB	216.58.207.227
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	34.210.150.237
track.enigmacdn.com	unknown	2021-07-17T03:36:30Z	2022-12-17T10:20:46Z	1.1 kB	21 kB	91.223.82.61
netcdn.co	unknown	2021-06-14T04:08:46Z	2022-12-17T11:07:10Z	396 B	576 B	91.223.82.61
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	4.1 kB	11 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	337 B	1.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-09T05:12:20Z	408 B	807 B	142.250.74.110
downloadlocked.com	127304	2021-10-06T20:17:41Z	2023-03-07T00:29:12Z	365 B	1.3 kB	23.22.126.183
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	3.1 kB	6.3 kB	142.250.74.131
i0.wp.com	3021	2013-09-17T08:14:42Z	2023-03-09T05:15:08Z	392 B	1.2 kB	192.0.77.2
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-09T07:17:30Z	415 B	4.6 kB	142.250.74.42
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-09T06:28:40Z	857 B	4.3 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	3.2 kB	52 kB	34.120.237.76
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-09T07:18:27Z	788 B	84 kB	142.250.74.106
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T06:38:15Z	402 B	1.8 kB	142.250.74.106
is1-ssl.mzstatic.com	1597	2015-02-12T11:39:50Z	2023-03-09T05:15:38Z	506 B	13 kB	23.38.200.24
s10.histats.com	15211	2012-05-21T19:14:14Z	2023-03-09T05:19:14Z	361 B	4.7 kB	46.105.201.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-14	medium	gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack	Phishing
2022-12-14	medium	gaminghelper.co/js/fancySelect.js	Phishing
2022-12-14	medium	gaminghelper.co/js/jquery.countTo.js	Phishing
2022-12-14	medium	gaminghelper.co/js/jquery.magnific-popup.min.js	Phishing
2022-12-14	medium	gaminghelper.co/js/sweetalert2.min.js	Phishing
2022-12-14	medium	gaminghelper.co/js/validator.min.js	Phishing
2022-12-14	medium	gaminghelper.co/js/com.js	Phishing
2022-12-14	medium	gaminghelper.co/js/form-scripts.js	Phishing
2022-12-14	medium	gaminghelper.co/js/sticky.js	Phishing
2022-12-14	medium	gaminghelper.co/js/main.js	Phishing
2022-12-14	medium	gaminghelper.co/fonts/bebasneue_bold-webfont.html	Phishing
2022-12-14	medium	gaminghelper.co/fonts/bebasneue_regular-webfont.html	Phishing
2022-12-14	medium	gaminghelper.co/fonts/et-line.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed
2022-12-14	medium	gaminghelper.co	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	gaminghelper.co/js/sweetalert2.min.js	20 kB	2023-03-07	2024-02-10
Pretty URL gaminghelper.co/js/sweetalert2.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-02-10 04:05:40 Times Seen448 Hash 0ad69b0e70b7da1bb8f8a96e9e6b5d9a 7d21a0c1f43d3edb47dd9e69b05243f3fcb53152 4051f26691def4eafcae32928be110c13d1819e544a12b0a9b95378bfaf9859b Loading...

	gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack	134 B	2023-03-07	2024-04-18
Pretty URL gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 16:44:47 Times Seen300 Hash 75606a24bd728e5d7d7256fbb679bc26 7bfbb31c174ab2a6f4c68c9852c8444c075eab43 9932726d2c87611c904eb0b04d822e785cd73f693838aa2cae3fc90a7d8d7746 Loading...

	gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack	22 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-03-17 12:42:32 Times Seen1 Hash 8f1921eedeaf84979b94a5ee06db8361 6e986775e93672eab866417d2700167d0779523c 6ce4811a222a24eb818fb70f6adfc65138c800dc3118a733e143d624c4fb9fcb Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:08:12 Times Seen37083785 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gaminghelper.co/js/jquery.magnific-popup.min.js	21 kB	2023-03-07	2024-04-25
Pretty URL gaminghelper.co/js/jquery.magnific-popup.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 21:53:59 Times Seen2407 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-09	2023-03-09
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:37:32 Last Seen2023-03-09 08:40:10 Times Seen1 Hash 10a68bcb0dae180b94998ac0dcdb177a d1ff4414798700af693f21d400185be99db957be 2592ae04bb6248e8216c17c90624e2146e12af2c1c7d9d9a383dfeee08eb0ab8 Loading...

	downloadlocked.com/cl/js/114v1	2.8 kB	2023-03-07	2023-03-17
Pretty URL downloadlocked.com/cl/js/114v1 IP 23.22.126.183 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 1f988d013c5e133555235469c0c92616 d8b81b2e5f125680c977a6e296580e55088db6a9 82989a0b0aa7050c358cdac4edcedada2e6f58f02861418bfa375dd92a037f00 Loading...

	gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack	424 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 12:49:45 Times Seen1 Hash 78ba106660ccbf94e4396883aae7f529 ae295fb3fbe8c1306d8a3c268429d0360e82218b adf239ecfa137f53ba82a75fe82b26ed11768e184b8904d2f35655749ad5dd22 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671025141954&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:127543900&@b3:1671025142&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&@w	51 B	2023-03-09	2023-03-09
Pretty URL s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671025141954&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:127543900&@b3:1671025142&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&@w IP 149.56.240.130 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:40:10 Last Seen2023-03-09 08:40:10 Times Seen1 Hash f02ef6ea33a1a74678cabcaec3c4c477 8d35757c62ab1f65a7ec8d7aa6665d06917a724f 1f1e5f30ac706492e7a06ac0255295614b06c7892a42f006137c36dca21ea596 Loading...

	gaminghelper.co/js/validator.min.js	6.1 kB	2023-03-07	2024-04-25
Pretty URL gaminghelper.co/js/validator.min.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 19:43:11 Times Seen917 Hash 81df0465f243a2e7b7b06b8ad6015173 996eb26bb4bdb44ed5257d048cedaf3ed0a6f90c c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1 Loading...

	gaminghelper.co/js/com.js	18 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/com.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash 25da4b390ac3c74f08d94136ab818c4f 9f958878fd1eebaa29814ad9fb2ef2b0e64850ca 7c8c1910127d6819826ff82fadaa97c734c68e7b1dca436ab0e52ada016940cc Loading...

	gaminghelper.co/js/form-scripts.js	1.5 kB	2023-03-07	2024-01-23
Pretty URL gaminghelper.co/js/form-scripts.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-23 15:52:36 Times Seen12 Hash 1ed21b81ae655c54943ed33ea9109c4a 0aa5bc09f55ef28b87dba9025094ec8b2a9ed8a0 135922615df355461155701925a7534d9e94c0d0433160ffa68c100ed9524e14 Loading...

	gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack	536 B	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:46 Times Seen1 Hash e5b8ea1cfa205b2dac9f8a92205f59fa b128ca1db079d2e4c4b781ea52d16677b18a8f0d e511583166051fad920d844a259034a0186bc0287371ac576de4b33dfc1234ee Loading...

	track.enigmacdn.com/matomo.js	62 kB	2023-03-07	2024-03-21
Pretty URL track.enigmacdn.com/matomo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-21 00:53:25 Times Seen62 Hash d11aac5ce224776b3bf4b7f3830b5715 3f839e5521a7c2bb935398532d88ed0db6d7ef82 06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018 Loading...

	gaminghelper.co/js/fancySelect.js	6.8 kB	2023-03-07	2024-01-29
Pretty URL gaminghelper.co/js/fancySelect.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-01-29 12:40:14 Times Seen59 Hash c74159f77d12d9998d8c173e153b7999 5dd2266cf7eb14f2967be6691b7ff0e393cba733 be013828b8a66ccdbdc65234532cfd4a04a73c7778a42d7b0bf952278846f1a2 Loading...

	gaminghelper.co/js/jquery.countTo.js	3.8 kB	2023-03-07	2024-04-05
Pretty URL gaminghelper.co/js/jquery.countTo.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-05 06:37:17 Times Seen457 Hash acad36d38da9f68c52bb074b2c478d0f 922c71c5699f9306a415a7a344be46d92e0fc4a1 00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2 Loading...

	gaminghelper.co/js/main.js	41 kB	2023-03-07	2023-03-17
Pretty URL gaminghelper.co/js/main.js IP 91.223.82.61 ASN #199968 Iws Networks LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-03-17 12:49:45 Times Seen1 Hash bede286c34301eb26586b72e75e78b04 9532a06f8a2e823a3e9bf2aad3db9e9ac68fd350 3bcd8ddbc045a523b9ee81867e298a40d75a2a2ecc53d44257f2487c50bbe02c Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 04:16:39 Times Seen15691 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

HTTP Transactions (86)

URL IP Response Size

netcdn.co/app/431946152/roblox-script-hack-cheat-engine-game-hack

91.223.82.61

301 Moved Permanently

287 B

URL HTTP/1.1
netcdn.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
287 B (287 bytes)
Hash
88f401968fac8ec45202eb39ef6802b8
8edb2b58320e36adddb66b330b5036233f63ee92
1fbbc7b683a5b4067f0794020158c3e934a75522653c0267ad441539d535c04a

HTTP Headers

GET /app/431946152/roblox-script-hack-cheat-engine-game-hack HTTP/1.1
Host: netcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 287
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Wed, 14 Dec 2022 14:52:31 GMT
Date: Wed, 14 Dec 2022 13:39:03 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4783
Expires: Wed, 14 Dec 2022 14:58:46 GMT
Date: Wed, 14 Dec 2022 13:39:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 13:08:52 GMT
content-type: application/json
age: 1811
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5239
Expires: Wed, 14 Dec 2022 15:06:22 GMT
Date: Wed, 14 Dec 2022 13:39:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PMaRV5g1/RJLxsVsMkU0kAYdjBV3HEmS/JRt7eB6vdZXTuBBM2AOQ2OldzefLmFiX6FYdCQh5ZA=
x-amz-request-id: D9BRASVD069BV2AT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 12:52:22 GMT
age: 2801
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
693fb7e154d47e4ca00583d356044bcf
5382a15dac0beba4775213c856171a39f8a5f646
06eed5cae42fe2547330cb15920aabb03e3b5016c0c2e8f94284cd605ccbc752

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06EED5CAE42FE2547330CB15920AABB03E3B5016C0C2E8F94284CD605CCBC752"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20473
Expires: Wed, 14 Dec 2022 19:20:16 GMT
Date: Wed, 14 Dec 2022 13:39:03 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 13:39:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20003 bytes)
Hash
94d17b53e2271b5c8ee9d31c9c3a57d2
58af2bb33446f359b61abecf0e9260f58a1cfe6f
2332bf48b3f4bed1d741a0ad0a77dee6ce0ab4d1fc1b929ebe8a3c69df1e230d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /app/431946152/roblox-script-hack-cheat-engine-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

gaminghelper.co/css/bootstrap.min.css

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/css/bootstrap.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (65371)
Size
20 kB (19597 bytes)
Hash
3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/fancySelect.js

91.223.82.61

200 OK

1.7 kB

URL HTTP/1.1
gaminghelper.co/js/fancySelect.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.7 kB (1661 bytes)
Hash
a60791b5b353371813114e815d946494
69d1f371b0ed899641e640b2649c0914302812bd
5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/fancySelect.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-1a7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/css/animate.css

91.223.82.61

200 OK

4.0 kB

URL HTTP/1.1
gaminghelper.co/css/animate.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
4.0 kB (4026 bytes)
Hash
48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/sweetalert2.min.css

91.223.82.61

200 OK

2.7 kB

URL HTTP/1.1
gaminghelper.co/css/sweetalert2.min.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (13987), with no line terminators
Size
2.7 kB (2737 bytes)
Hash
1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/magnific-popup.css

91.223.82.61

200 OK

2.0 kB

URL HTTP/1.1
gaminghelper.co/css/magnific-popup.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
2.0 kB (1994 bytes)
Hash
c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/css/fancySelect.css

91.223.82.61

200 OK

1.0 kB

URL HTTP/1.1
gaminghelper.co/css/fancySelect.css
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.0 kB (1023 bytes)
Hash
458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js

142.250.74.106

200 OK

52 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
52 kB (51711 bytes)
Hash
d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37

HTTP Headers

GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 04:06:37 GMT
expires: Tue, 12 Dec 2023 04:06:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 207146
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/js/jquery.countTo.js

91.223.82.61

200 OK

1.1 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.countTo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
1.1 kB (1125 bytes)
Hash
547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/jquery.magnific-popup.min.js

91.223.82.61

200 OK

7.7 kB

URL HTTP/1.1
gaminghelper.co/js/jquery.magnific-popup.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (21014)
Size
7.7 kB (7685 bytes)
Hash
12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sweetalert2.min.js

91.223.82.61

200 OK

6.5 kB

URL HTTP/1.1
gaminghelper.co/js/sweetalert2.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (20305), with no line terminators
Size
6.5 kB (6538 bytes)
Hash
b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/validator.min.js

91.223.82.61

200 OK

2.1 kB

URL HTTP/1.1
gaminghelper.co/js/validator.min.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (5862)
Size
2.1 kB (2094 bytes)
Hash
1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/com.js

91.223.82.61

200 OK

3.3 kB

URL HTTP/1.1
gaminghelper.co/js/com.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
C source, Unicode text, UTF-8 text, with very long lines (2456)
Size
3.3 kB (3265 bytes)
Hash
ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/form-scripts.js

91.223.82.61

200 OK

609 B

URL HTTP/1.1
gaminghelper.co/js/form-scripts.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text
Size
609 B (609 bytes)
Hash
4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

gaminghelper.co/js/sticky.js

91.223.82.61

200 OK

0 B

URL HTTP/1.1
gaminghelper.co/js/sticky.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/js/main.js

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/js/main.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (16162)
Size
15 kB (15195 bytes)
Hash
562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
96179d4e397ed473ae1a704a2834d5af
51be2b07d4bea929565cfa4d0ec34d48185c9702
2ad44134c571bf3742055149ef45418f5e1ee78f034d0f040bde28b3ab8be555

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Last-Modified: Wed, 14 Dec 2022 13:12:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32025)
Size
30 kB (29725 bytes)
Hash
83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421

HTTP Headers

GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 16:58:49 GMT
expires: Sun, 10 Dec 2023 16:58:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 333614
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,700

142.250.74.106

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1013 bytes)
Hash
ce9f42ed548da692ba6a199f28aebccd
7151bfc9c62409982f214ca2f49c4c509f3c1825
55a1b2047a7e384bb9f5a586933c2993a1419899fd05bed33472f4c691b2810e

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Dec 2022 13:39:03 GMT
date: Wed, 14 Dec 2022 13:39:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
354d1c71c6eb7ea571e1c63b44ed38d2
e72580fcbd87651c2591aa7802047598446d62dc
e7d77d4facda5f5683708ba8211bcf1a2253543f6fac8f3d9a82aa2f93fe1d56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7D77D4FACDA5F5683708BA8211BCF1A2253543F6FAC8F3D9A82AA2F93FE1D56"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20435
Expires: Wed, 14 Dec 2022 19:19:38 GMT
Date: Wed, 14 Dec 2022 13:39:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
96179d4e397ed473ae1a704a2834d5af
51be2b07d4bea929565cfa4d0ec34d48185c9702
2ad44134c571bf3742055149ef45418f5e1ee78f034d0f040bde28b3ab8be555

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Last-Modified: Wed, 14 Dec 2022 13:12:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2187
Cache-Control: max-age=158660
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 09:43:23 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8f9c691707bc81e0e5a63035dd910a10
f7af1036ba70134a5af919a0cc30b873c1ef608a
715e98dd30732d6e397ba9968116ab47eb65c7c49ba44a83e0c7f654d96a69ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2018
Cache-Control: max-age=99479
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Etag: "6398abac-1d7"
Expires: Thu, 15 Dec 2022 17:17:02 GMT
Last-Modified: Tue, 13 Dec 2022 16:43:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg

23.38.200.24

200 OK

12 kB

URL HTTP/2
is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg
IP
23.38.200.24:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Size
12 kB (12213 bytes)
Hash
eaa6067e2c9d149e326fbcfbc7d2367b
e2bb57b2028e5a3f04e59db618d87b0fb4818230
2ad1acfa41c0453140b8739505564112b5c255f6b1eca9a6338310db44061f26

HTTP Headers

GET /image/thumb/Purple122/v4/9b/ac/11/9bac11ba-0ca7-a097-9c52-b47dcaf27748/AppIcon-1x_U007emarketing-0-7-0-0-85-220.png/150x150bb.jpg HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12213
x-apple-jingle-correlation-key: OOCNGUETKYYAYBWWGPU42467XM
x-apple-request-uuid: 7384d350-9356-300c-06d6-33e9cd73dfbb
b3: 7384d3509356300c06d633e9cd73dfbb-aa58e7e80c2524bd
x-b3-traceid: 7384d3509356300c06d633e9cd73dfbb
x-b3-spanid: aa58e7e80c2524bd
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 08 Dec 2022 22:54:33 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjcwNTQwMDczMTIxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMjg0LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE175:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: db1ce18a-00fc-451a-9389-ab5a87cb7b33-3886458766
cache-control: no-transform, max-age=14954576
date: Wed, 14 Dec 2022 13:39:03 GMT
x-cache: TCP_MEM_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
X-Firefox-Spdy: h2

gaminghelper.co/img/robux.png

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/img/robux.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14564 bytes)
Hash
9c5420a8f8c55be36294fce245595dba
4b9a024b51a475b1b7514a7650ff684ec9323572
44e5a0923e6a0c2157435f215db9d3c2edf95408dfb3d87fa553830f582e24fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/robux.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 14564
Last-Modified: Fri, 03 Sep 2021 06:31:43 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14f-38e4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/main-bg.jpg

91.223.82.61

200 OK

9.4 kB

URL HTTP/1.1
gaminghelper.co/img/main-bg.jpg
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
9.4 kB (9365 bytes)
Hash
d93b1723b2a2723d48696c5a6cae3b7e
6f69bdc7079dd114f6fc816c5098f80b58c7b794
efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/main-bg.jpg HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c143-2495"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

i0.wp.com/enigmanetwork.net/dmca.png

192.0.77.2

200 OK

668 B

URL HTTP/2
i0.wp.com/enigmanetwork.net/dmca.png
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
668 B (668 bytes)
Hash
fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f

HTTP Headers

GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 13:39:03 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

gaminghelper.co/img/pr-l.png

91.223.82.61

200 OK

7.5 kB

URL HTTP/1.1
gaminghelper.co/img/pr-l.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
7.5 kB (7453 bytes)
Hash
91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/panel-overlay.png

91.223.82.61

200 OK

3.1 kB

URL HTTP/1.1
gaminghelper.co/img/panel-overlay.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Size
3.1 kB (3116 bytes)
Hash
2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/pr-r.png

91.223.82.61

200 OK

11 kB

URL HTTP/1.1
gaminghelper.co/img/pr-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11003 bytes)
Hash
284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg-r.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg-r.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1393 bytes)
Hash
bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/smallbtnbg.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/smallbtnbg.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1405 bytes)
Hash
92b84c143879abe85792a3408ae4845d
1f8e983f7514d582e81cfee98ad8bb40ced26972
dcf687cc9a059bc7a036faf3a86c50103d04e1fdca867deb7553ec9136719f0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/smallbtnbg.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 1405
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-57d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/button-dot.png

91.223.82.61

200 OK

672 B

URL HTTP/1.1
gaminghelper.co/img/button-dot.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Size
672 B (672 bytes)
Hash
478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/button-dot.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 672
Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c132-2a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/bebasneue_bold-webfont.html

91.223.82.61

200 OK

15 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Size
15 kB (15216 bytes)
Hash
772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/btn-img.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/btn-img.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 153983
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gaminghelper.co/fonts/bebasneue_regular-webfont.html

91.223.82.61

200 OK

16 kB

URL HTTP/1.1
gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Size
16 kB (15948 bytes)
Hash
af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/fonts/et-line.woff

91.223.82.61

200 OK

55 kB

URL HTTP/1.1
gaminghelper.co/fonts/et-line.woff
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
Web Open Font Format, CFF, length 55220, version 1.0\012- data
Size
55 kB (55220 bytes)
Hash
b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/et-line.woff HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: font/woff
Content-Length: 55220
Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c120-d7b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.42

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 13:15:54 GMT
expires: Wed, 14 Dec 2022 14:15:54 GMT
cache-control: public, max-age=3600
age: 1390
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:39:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gaminghelper.co/close.png

91.223.82.61

200 OK

4.9 kB

URL HTTP/1.1
gaminghelper.co/close.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4878 bytes)
Hash
fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Japan.png

91.223.82.61

200 OK

1.5 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Japan.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1521 bytes)
Hash
af2377f2029a3632bc294262b9a5cf40
1345b37e2bf15df531667b5a3a4a47f1b7e48041
814727b089f6a00452bf96d0a81e6dfa0937bfe4506bea6de89d579e609b07fe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Japan.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: image/png
Content-Length: 1521
Last-Modified: Fri, 03 Sep 2021 06:32:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c17f-5f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
97f12ad39cf8805cd0c0571d1460d689
b117e23300b2f8f14a99d361dd1e4c607a12cfb7
4e1ef500866b9d4617c93fb9ede5946c57933642a9f91ed5b5a71568fe1dab65

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E1EF500866B9D4617C93FB9EDE5946C57933642A9F91ED5B5A71568FE1DAB65"
Last-Modified: Mon, 12 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20473
Expires: Wed, 14 Dec 2022 19:20:17 GMT
Date: Wed, 14 Dec 2022 13:39:04 GMT
Connection: keep-alive

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8ENEPYE1wlgm03fnKg2s3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KAnEGxyPdYqaEy9lWVx60zyk3Bo=

gaminghelper.co/app/431946152/img/favicon-16x16.png

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
gaminghelper.co/app/431946152/img/favicon-16x16.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Size
20 kB (20003 bytes)
Hash
94d17b53e2271b5c8ee9d31c9c3a57d2
58af2bb33446f359b61abecf0e9260f58a1cfe6f
2332bf48b3f4bed1d741a0ad0a77dee6ce0ab4d1fc1b929ebe8a3c69df1e230d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /app/431946152/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip

track.enigmacdn.com/matomo.js

91.223.82.61

200 OK

20 kB

URL HTTP/1.1
track.enigmacdn.com/matomo.js
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
ASCII text, with very long lines (1404)
Size
20 kB (20210 bytes)
Hash
8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881

HTTP Headers

GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:03 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56e4eac87fe93f52fc4cc1f8b10c6ca6
4a4ecee9801077d8a0558b623143a710bc3d39ad
4485e3aa578a0a1c12688701737c08d9cd674cb605f1d2ab47c09ce307738d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4485E3AA578A0A1C12688701737C08D9CD674CB605F1D2AB47C09CE307738D27"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11911
Expires: Wed, 14 Dec 2022 16:57:35 GMT
Date: Wed, 14 Dec 2022 13:39:04 GMT
Connection: keep-alive

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:35:15 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 572622223
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:38:39 GMT
expires: Thu, 14 Dec 2023 02:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 39625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 11:13:42 GMT
expires: Thu, 14 Dec 2023 11:13:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 8722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671025141954&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:127543900&@b3:1671025142&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&@w

149.56.240.130

200 OK

51 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671025141954&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:127543900&@b3:1671025142&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&@w
IP
149.56.240.130:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
f02ef6ea33a1a74678cabcaec3c4c477
8d35757c62ab1f65a7ec8d7aa6665d06917a724f
1f1e5f30ac706492e7a06ac0255295614b06c7892a42f006137c36dca21ea596

HTTP Headers

GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1671025141954&@k0&@l1&@mRobux%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:127543900&@b3:1671025142&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 13:39:04 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Wed, 14 Dec 2022 14:47:58 GMT
Date: Wed, 14 Dec 2022 13:39:05 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Wed, 14 Dec 2022 14:47:58 GMT
Date: Wed, 14 Dec 2022 13:39:05 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Wed, 14 Dec 2022 14:47:58 GMT
Date: Wed, 14 Dec 2022 13:39:05 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Wed, 14 Dec 2022 14:47:58 GMT
Date: Wed, 14 Dec 2022 13:39:05 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Wed, 14 Dec 2022 14:47:58 GMT
Date: Wed, 14 Dec 2022 13:39:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6711 bytes)
Hash
690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ee80741a-2c58-4749-8443-c245db7b09a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9hqYHNnoAMF4JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63954975-662de21405a1312c6d5bc15c;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qjrT2_IIgJ6cc5tKv33dl2gfKFAC4GMRZspXCaQwwCk1GMh1-2FXgw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:50:16 GMT
age: 28129
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6c898b0-0050-4b61-8c35-e7fd7c302dee.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13172 bytes)
Hash
5493a0b2e7355d986842b80cc9cf978b
382b098f251a31dae8a448440f7900491a149054
e5ea3d6cdffdf06f115ff25b15cf133e0fead78c6c9c0d4ca3d395cbc0903082

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6c898b0-0050-4b61-8c35-e7fd7c302dee.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13172
x-amzn-requestid: 9494d0c6-6dbb-4313-ada0-877e9d3ec38e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEqKRG_FIAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639823db-3f4ad12b6d3ee9d57b8b1e08;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 07:03:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2Bu00ehfcDFMjWGhJyj-IdRzgp12JIM5ywi6z6toYhaTifXfI1k8ow==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 06:47:26 GMT
age: 24699
etag: "382b098f251a31dae8a448440f7900491a149054"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4703 bytes)
Hash
d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UjIRajW22SkXZZgVKDxjvkO-3g950W_McDg_fa0DeTVGbgIRFDMVMQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:29:49 GMT
age: 29356
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4294 bytes)
Hash
f8501112ef886bfa0aaf2239cee2d312
f07542e9312ef0b42c96f2687766fe46f57f38cb
296c8dd5bdcb6ff49fcfebe464a7baa9c22bbe8ef6fef0798e92b10e1b3b1ac9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4294
x-amzn-requestid: a906aaed-cfa3-453a-b872-87f906f6251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGp1ME7aoAMFWyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f021-23ddca2815a10a181549c5d8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:35:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v5C9KOhwCQKWxvPNJuUXqFckYLMQanLQ9oWzdUPaQk9GLDZ7pJrH9g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:50:24 GMT
age: 56921
etag: "f07542e9312ef0b42c96f2687766fe46f57f38cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4041 bytes)
Hash
027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nZ8xLZj1nRTZnduwFxc9QP4EWyP8k3GuJV4Br3o9Q7Zt9ZlwWIudDQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:59:15 GMT
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
age: 56390
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13205 bytes)
Hash
9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13205
x-amzn-requestid: 23929642-4b48-40f4-8847-854dfca772b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoH_4oAMF_8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-19ad3c327c190b9227d232a2;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7sZ090BsrHPpf5WTWPKYaCNlYvuh5chiNxw2anH2Kd1WovN9Dc4w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:03 GMT
age: 56762
etag: "a167e2211732837cf07b3b9a0b33610492ab8a47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=341225&h=13&m=39&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&_id=04e16f6bf6db5b9d&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=BBAe2X&pf_net=136&pf_srv=49&pf_tfr=31&pf_dm1=654

91.223.82.61

204 No Response

0 B

URL HTTP/1.1
track.enigmacdn.com/matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=341225&h=13&m=39&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&_id=04e16f6bf6db5b9d&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=BBAe2X&pf_net=136&pf_srv=49&pf_tfr=31&pf_dm1=654
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=Robux%20Generator%20Online&idsite=1&rec=1&r=341225&h=13&m=39&s=1&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F431946152%2Froblox-script-hack-cheat-engine-game-hack&_id=04e16f6bf6db5b9d&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=BBAe2X&pf_net=136&pf_srv=49&pf_tfr=31&pf_dm1=654 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Response
Server: nginx
Date: Wed, 14 Dec 2022 13:39:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true

gaminghelper.co/img/cf/Grecee.png

91.223.82.61

200 OK

1.3 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Grecee.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1257 bytes)
Hash
d19290ba3158e138bb241ae669a3bc37
f9c89926e6d6b741ab9662f5a559c79a7d5e8304
54fc9fef0da8843d76e1dbd2a0e523200d54a74b649f2ae18aa132a29e590f56

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Grecee.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:; _pk_id.1.166e=04e16f6bf6db5b9d.1671025142.; _pk_ses.1.166e=1; HstCfa4515739=1671025141954; HstCla4515739=1671025141954; HstCmu4515739=1671025141954; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=129177; timePosted22Cookie=39627; timePosted33Cookie=15022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:05 GMT
Content-Type: image/png
Content-Length: 1257
Last-Modified: Fri, 03 Sep 2021 06:32:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c178-4e9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Brazil.png

91.223.82.61

200 OK

3.0 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Brazil.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (2994 bytes)
Hash
6d08e0dcdad5dad61bfe91e9fd10ec43
70a64b36bd71808e2bcb9a1e9b2fae4037f98185
9d7377e3b13cad3f234d2b82c45c9cc1f0bd91daf3ed419b5c2900d4fceebf96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Brazil.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:; _pk_id.1.166e=04e16f6bf6db5b9d.1671025142.; _pk_ses.1.166e=1; HstCfa4515739=1671025141954; HstCla4515739=1671025141954; HstCmu4515739=1671025141954; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=132177; timePosted22Cookie=42627; timePosted33Cookie=18022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:08 GMT
Content-Type: image/png
Content-Length: 2994
Last-Modified: Fri, 03 Sep 2021 06:32:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c167-bb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Denmark.png

91.223.82.61

200 OK

1.2 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Denmark.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1202 bytes)
Hash
f8655f1f24c7ee6e7f3812df40abd058
a2b2b0e18e634d6d88fa4fe8096faa0e23587094
9ba452d86b662525ea222c7aeba61d07142d68d0832198957d10d1ef1b228986

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Denmark.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:; _pk_id.1.166e=04e16f6bf6db5b9d.1671025142.; _pk_ses.1.166e=1; HstCfa4515739=1671025141954; HstCla4515739=1671025141954; HstCmu4515739=1671025141954; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=133177; timePosted22Cookie=43627; timePosted33Cookie=19022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:09 GMT
Content-Type: image/png
Content-Length: 1202
Last-Modified: Fri, 03 Sep 2021 06:32:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c170-4b2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

gaminghelper.co/img/cf/Chile.png

91.223.82.61

200 OK

1.4 kB

URL HTTP/1.1
gaminghelper.co/img/cf/Chile.png
IP
91.223.82.61:0
ASN
#199968 Iws Networks LLC

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1443 bytes)
Hash
1cec2276b9f4cddfe87347004015d35f
2f4c99b50669a6d0012425c2c3a4da81e4ecb53f
94a8fe1f7fb27095d3d5c8dfeec71812129cb3ab68ec52f3d51247bff7dc2c3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/cf/Chile.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/431946152/roblox-script-hack-cheat-engine-game-hack
Cookie: username1Cookie=Fausto Greco; username2Cookie=Eliano Fallaci; username3Cookie=Marilena; comment1Cookie=Wow. =) This site is awesome ..; comment2Cookie=This trick is amazing  .. =) Perfect! this is what i am looking for!  1000000  Cash. =); comment3Cookie=this is legit website .. works! FREAKING AAMZING!!  1000000  Cash thank you c:; _pk_id.1.166e=04e16f6bf6db5b9d.1671025142.; _pk_ses.1.166e=1; HstCfa4515739=1671025141954; HstCla4515739=1671025141954; HstCmu4515739=1671025141954; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; timePosted11Cookie=134177; timePosted22Cookie=44627; timePosted33Cookie=20022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:39:10 GMT
Content-Type: image/png
Content-Length: 1443
Last-Modified: Fri, 03 Sep 2021 06:32:11 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c16b-5a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.110

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 13:39:03 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+299; expires=Fri, 13-Dec-2024 13:39:03 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:39:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 16469391
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 779757ec49dcb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

downloadlocked.com/cl/js/114v1

23.22.126.183

200 OK

0 B

URL HTTP/2
downloadlocked.com/cl/js/114v1
IP
23.22.126.183:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 13:39:03 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Ijhpc2xadjZkS0JRaUlJL2ZWb3FVc1E9PSIsInZhbHVlIjoiOXFxaC9NV2x4S1ZKRVJzMi93OEt1bEtCNzEvREs1NU96Q0ZsM3RDQUVPdTZNSDRIeXBGN2QzZXcrSTRqZkpJdWtqbnJTWTVySG5xeXNLWWc0bWNYZFhESTdyRGFtWlIwYldncUJEMzlNRDcvV3lzYXF2WkkrOHJqMXdBbFBTRHAiLCJtYWMiOiIxYTAwZjIwMTY1MTczODgyMzg1NjA0YTg3NTVkNGVkMzVlOTcyOWEyOWQ4NjUwOGU3OTVjZWQzMGJkNGMwMDI5IiwidGFnIjoiIn0%3D; expires=Thu, 15 Dec 2022 09:39:03 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6InJqa1hFSDdmdEFNa3BEb3IvMWxnaUE9PSIsInZhbHVlIjoiWDREV0ptNUFDajhlK0tYVnhVV0dqSTBTT00zVFBoa1hGOEZCRGN0WHlxUE9vUWQ2eVhmUnk4U2wvTVFnMnJBRFVDNDgxN3hwRERpU1piZ1Q5MTNIYjhSRCs1dHh4MWc2ZHlDVjZvelFtY3lVNVdYbGl2amJqcDNCcnE1Z2VVOVoiLCJtYWMiOiJkYTFkNTdmMTdmOGUxZDRhZWFiM2UyY2E5ZTA2NTZhZWJiNWZkZTQ3YjA1MzQ2YTQwMjk2N2E1Njg0ZDI5ZTNhIiwidGFnIjoiIn0%3D; expires=Thu, 15 Dec 2022 09:39:03 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP