| cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js | 104.17.25.14 | 200 OK | 684 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js
IP: 104.17.25.14:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1233)
Hash: 0425e414c5c771ea19751d344586a945 0cd64d6a8b8c87bb47b008e2ef4181a07c1ed93a 674f5eaec7036971b28f595dc5fd4d55a93994e282ab2a232d2486d30640d453
GET /ajax/libs/script.js/2.0.2/script.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 684
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-594"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 342489
expires: Thu, 24 Apr 2025 16:33:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZLT93YwWvrUIdbO3jYCcs6KpkrwZ8CdeRAU5y7UneTK4234Cu1im6SWc0Ms%2BbxCNaJXuQNPkQXZTYaXpHSl%2BIuOvYJWSoG3qTCj38GNlXUu8xQhvwDeIlCD4FXPq%2Bz%2FA6LJC5nG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e9e435c87d5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js | 151.101.129.229 | 200 OK | 6.4 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
IP: 151.101.129.229:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (23002)
Hash: 00debcf6cf0789a19cee2278011afcd4 8017f8b1869077db728573f1ca4684a00af69462 faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
GET /particles.js/2.0.0/particles.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 16:33:15 GMT
age: 2483384
x-served-by: cache-fra-eddf8230124-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6363
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/js/index.js | 76.76.21.142 | 200 OK | 918 B |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/index.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.vercel.app
Certificate Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
Hash: 815340f4d0164925524b313679698dae d77f83ff8bad8f196341892068e29e26805131dc 4639aa1a5a7aa1f4dec1769536f09b7803885243623c577c4cd27c32e4f526e2
GET /assets/js/index.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"396-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::j5k8c-1714840395166-d7a77cc7aff0
content-length: 918
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-6YEQ7Q0XRC | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-6YEQ7Q0XRC
IP: 142.250.74.168:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101634 bytes)
Hash: 9033c395734d10c832d37c20ec7185b8 acaa731c5d06f2d611f31ef75c7fa1a305694a55 37b78561b7f9bf8b84da009fc986e5caa7cad626008190db310318a7e3566135
GET /gtag/js?id=G-6YEQ7Q0XRC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 16:33:15 GMT
expires: Sat, 04 May 2024 16:33:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css | 151.101.129.229 | 200 OK | 14 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css
IP: 151.101.129.229:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: edf74488a993c84b266b2de3b9c14456 1bec138083d3b27ff687a9d41b80b797cf20b709 bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48
GET /npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 13601
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.11.1
x-jsd-version-type: version
etag: W/"17fcf-G+wTgIPTsn/2h6nUG4C3l88gtwk"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 16:33:15 GMT
age: 17938947
x-served-by: cache-fra-eddf8230023-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| math-help-for-losers.vercel.app/assets/img/doge.jpg | 76.76.21.142 | 200 OK | 31 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/img/doge.jpg
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.vercel.app
Certificate Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: ac80f0b43b2a84b35975b1b2b48bfc7a 5a78298cd73b90bb5d36f73363eb5d4ac431dad9 f9c9470dec76e058928d7a214163eb354c79bb24fd59cb315803712fc127370a
GET /assets/img/doge.jpg HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: image/jpeg
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"76e7-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::2h7nb-1714840395163-4fce0b2e4843
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65 | 151.101.129.229 | 200 OK | 131 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65
IP: 151.101.129.229:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 130608, version 1.0
Size: 131 kB (130608 bytes)
Hash: ed62b9f1e0c75121f4d797a4a85730a2 d33714cb0836ea9ebe02f4ccc22806593903167a bacd70afda7da1deac2bbd49b5717a4dd133bcd59c379525d705b8492f678e95
GET /npm/bootstrap-icons@1.11.1/font/fonts/bootstrap-icons.woff2?2820a3852bdb9a5832199cc61cec4e65 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 130608
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.11.1
x-jsd-version-type: version
etag: W/"1fe30-0zcUywg26p6+AvTMwigGWTkDFno"
accept-ranges: bytes
date: Sat, 04 May 2024 16:33:15 GMT
age: 2396096
x-served-by: cache-fra-etou8220153-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 216.58.207.227:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:55:04 GMT
expires: Fri, 02 May 2025 17:55:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 167891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pl22991509.profitablegatecpm.com/df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js | 192.243.61.227 | 200 OK | 16 kB |
URL: GET HTTP/1.1 pl22991509.profitablegatecpm.com/df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: profitablegatecpm.com
Certificate Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
Certificate Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44091), with no line terminators
Hash: 613e4383f79f9b5f81985880eee137d3 487b7b3be65f7eda3b7a40125c559736c392f1ef ed924911000b3e23e70191f152c73cc90d245b53589e7e20946d4405d650e190
GET /df/d2/e1/dfd2e1c094b00a158058ce0068d7df84.js HTTP/1.1
Host: pl22991509.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 19:33:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 313eba99cf9c4e95a99a6ad039c5079c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: c95e94534b41cdc9d7ca177dfa016dcb 2dfbc0561e85341dcad97015e4f29c37a7c0ded8 2c0ffe2b9a35f115c890f9691cfc32bf4bdaec4a5cbb28de40b3e04cef22627b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://math-help-for-losers.vercel.app
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=19efa73d-3475-4b9d-b00c-4845b047c2fb:1:1; expires=Tue, 02 May 2034 16:33:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/uv/uv.config.js | 76.76.21.142 | 200 OK | 291 B |
URL: GET HTTP/2 math-help-for-losers.vercel.app/uv/uv.config.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.vercel.app
Certificate Fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate Validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with CRLF line terminators
Hash: 71ce42fbda3e2abed32e5320a8812cf7 7a01f9a81b957816121a98421c99c50f63b09b23 71cbd5a515918f868cea099f452f35e50576df2494866b5aa16a7fea8b0371ed
GET /uv/uv.config.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1714840395.1.0.1714840395.0.0.0; _ga=GA1.1.1748150268.1714840396
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:16 GMT
etag: W/"123-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::q8cck-1714840396292-9625e10a8b84
content-length: 291
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/29/fa/b7/29fab7886bf7b6e324633f506204e65d.js | 172.240.127.234 | 200 OK | 31 kB |
URL: GET HTTP/1.1 rubbingwomb.com/29/fa/b7/29fab7886bf7b6e324633f506204e65d.js
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: rubbingwomb.com
Certificate Fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate Validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 36405bcb18a50f5890d5b36c47b53dfb 7f2be99398878117688196b2f3ee7327d754d048 7450f076cea90709fd4b56daf31c01ae8590584dc84bc92aac3cfe92bb822941
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /29/fa/b7/29fab7886bf7b6e324633f506204e65d.js HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8032f9b6e88125ddedc617342eba01b6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: c95e94534b41cdc9d7ca177dfa016dcb 2dfbc0561e85341dcad97015e4f29c37a7c0ded8 2c0ffe2b9a35f115c890f9691cfc32bf4bdaec4a5cbb28de40b3e04cef22627b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: uid_id2=19efa73d-3475-4b9d-b00c-4845b047c2fb:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://math-help-for-losers.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| layeravowportent.com/pixel/purst?dl=0&th=0&sc=0&rs=2054&rd=2054&fd=536&bv=24.5.6485&tmpl=70 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 layeravowportent.com/pixel/purst?dl=0&th=0&sc=0&rs=2054&rd=2054&fd=536&bv=24.5.6485&tmpl=70
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: layeravowportent.com
Certificate Fingerprint: E9:CB:6F:5C:6E:50:B1:84:A2:34:39:5B:96:74:1D:84:D3:FA:2A:38
Certificate Validity: Mon, 29 Apr 2024 08:07:58 GMT - Sun, 28 Jul 2024 08:07:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2054&rd=2054&fd=536&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: layeravowportent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 36 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 16:33:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3072d744f1a5b47d38ce33cdab8447e2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 16:33:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uk%2F%2B2Shpuv0Q9O607nMf7hhvO1iKOb5NgqM9Xl%2FgTEzlQvVNyWDNBtcKAZNKajSqnfEYCYNT%2Fl5ISO18vgMy2SQge6FemaYXFQEfSwidNe8H4butYqDU1D0uR3Akr8ddyxBCKjI7CRTcAAqQFpVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e43f1d190b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: c95e94534b41cdc9d7ca177dfa016dcb 2dfbc0561e85341dcad97015e4f29c37a7c0ded8 2c0ffe2b9a35f115c890f9691cfc32bf4bdaec4a5cbb28de40b3e04cef22627b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: uid_id2=19efa73d-3475-4b9d-b00c-4845b047c2fb:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://math-help-for-losers.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: c95e94534b41cdc9d7ca177dfa016dcb 2dfbc0561e85341dcad97015e4f29c37a7c0ded8 2c0ffe2b9a35f115c890f9691cfc32bf4bdaec4a5cbb28de40b3e04cef22627b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: uid_id2=19efa73d-3475-4b9d-b00c-4845b047c2fb:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://math-help-for-losers.vercel.app
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sbxxueVXz7wQ9acgsFHVNo5V1JXknNIdRxXdw6sZuktJcSZmdG8tSzO8vMjlb2ydRQchT9BOtHdkzapCTXQkNZB3owFKKefKgv%2FQYt5FxWFVX7wsz7vvM8A8%2F75%2Bsjd0macPRi7bbel0rR5ZWGX7%2F%2BeRDcqG%2FKxI3qo274IGzfqJvhe72w4b9d%2F1CwXb3c9APfD%2Fygvi6N6OvRcgVCpk96QaPnN9rNRrDSxsj8N7fOg6Ue%2BPCSvAnJp0svvauQrEQSP1sTdjfT6TsfxE7RTBsM%2BemnyW6i8wTxIuwbD%2F3kdM6Gtq%2FWX0AnJzO50MN%2FiJGcEu%2FnF4iS07lIRMPjmc5IQSSI%2BP%2BQD0sIVULSEkwfQvJXBGAcd7aQxI%2FuaJPTvb9RWqFTsvT6T8h8SpZ%2Bu4ok%2Fn5VyVH9nlYukzqxGPULyFEJOSiRujNk%2BzXI%2FAws%2BwqS%2F0KWX28iiY%2B3rNKQvJjVLmUJ2S%2BhxBjUenDVkR5c34NLPcT8os6CIOj4nFG%2F22OsxTsiCrkf0E4%2FoIEfduFYJW%2BMLB2DqTGYOUBqDrArxzDuJ9idApZ7sNmUeJ8cYMgL5IIgtwQ5JcglQZ4R5MPihCvbtMUjrqyLgrlvzn2rmOhscERPdDYQCQE1YxheHKWX5I2qP94XH9WwKy7qvM%2BbImB%2Brx35Pg1Wuv5KlwnfD7u8w%2FvdNqx8fGv93Va73X3gQ9rarPZ9OSU98hSpnJJrjUNE9AxWnYHJK6DuLdC8AN0psJ88FUljZy9NRYMpF4HrAmm2hGzPO1KX5NpsVhtbzyHY%2Bc3fWzMDMwVSU%2BBL%2BZJgoB5O7uqcHN%2FVuSXPt9JMxnKfVnO8l9FMXPn2Y7GXa8M31uz48fusAqrwyX1hs02acJkMLPluVXIuzLo2TJAfN%2BxnItp2dmfVmcSlm9u31jfi1AhrpU5K0Gol%2FzBgckr%2Bf%2B3%2BbEWv%2F7ANaUoYVyB252RukLoESw9g04V%2BqwmMWnCi1EPuiolpRotHJQmUWOQ0KmD%2FlUeLeGJo9ZvK4sg%2BxMDUQLNDJHGBoSkwVAWoGsO6K5MsNec3f53LiFRtEilTO46UUd%2FM2lxdz2DlRb3Tavk07K0EnQ4Vnajd7PbDgFPabIfNMKQtZHbaD9ntvwAAAP%2F%2FAQAA%2F%2F9lRCs2fAQAAA%3D%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1rubbingwomb.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sbxxueVXz7wQ9acgsFHVNo5V1JXknNIdRxXdw6sZuktJcSZmdG8tSzO8vMjlb2ydRQchT9BOtHdkzapCTXQkNZB3owFKKefKgv%2FQYt5FxWFVX7wsz7vvM8A8%2F75%2Bsjd0macPRi7bbel0rR5ZWGX7%2F%2BeRDcqG%2FKxI3qo274IGzfqJvhe72w4b9d%2F1CwXb3c9APfD%2Fygvi6N6OvRcgVCpk96QaPnN9rNRrDSxsj8N7fOg6Ue%2BPCSvAnJp0svvauQrEQSP1sTdjfT6TsfxE7RTBsM%2BemnyW6i8wTxIuwbD%2F3kdM6Gtq%2FWX0AnJzO50MN%2FiJGcEu%2FnF4iS07lIRMPjmc5IQSSI%2BP%2BQD0sIVULSEkwfQvJXBGAcd7aQxI%2FuaJPTvb9RWqFTsvT6T8h8SpZ%2Bu4ok%2Fn5VyVH9nlYukzqxGPULyFEJOSiRujNk%2BzXI%2FAws%2BwqS%2F0KWX28iiY%2B3rNKQvJjVLmUJ2S%2BhxBjUenDVkR5c34NLPcT8os6CIOj4nFG%2F22OsxTsiCrkf0E4%2FoIEfduFYJW%2BMLB2DqTGYOUBqDrArxzDuJ9idApZ7sNmUeJ8cYMgL5IIgtwQ5JcglQZ4R5MPihCvbtMUjrqyLgrlvzn2rmOhscERPdDYQCQE1YxheHKWX5I2qP94XH9WwKy7qvM%2BbImB%2Brx35Pg1Wuv5KlwnfD7u8w%2FvdNqx8fGv93Va73X3gQ9rarPZ9OSU98hSpnJJrjUNE9AxWnYHJK6DuLdC8AN0psJ88FUljZy9NRYMpF4HrAmm2hGzPO1KX5NpsVhtbzyHY%2Bc3fWzMDMwVSU%2BBL%2BZJgoB5O7uqcHN%2FVuSXPt9JMxnKfVnO8l9FMXPn2Y7GXa8M31uz48fusAqrwyX1hs02acJkMLPluVXIuzLo2TJAfN%2BxnItp2dmfVmcSlm9u31jfi1AhrpU5K0Gol%2FzBgckr%2Bf%2B3%2BbEWv%2F7ANaUoYVyB252RukLoESw9g04V%2BqwmMWnCi1EPuiolpRotHJQmUWOQ0KmD%2FlUeLeGJo9ZvK4sg%2BxMDUQLNDJHGBoSkwVAWoGsO6K5MsNec3f53LiFRtEilTO46UUd%2FM2lxdz2DlRb3Tavk07K0EnQ4Vnajd7PbDgFPabIfNMKQtZHbaD9ntvwAAAP%2F%2FAQAA%2F%2F9lRCs2fAQAAA%3D%3D IP172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate Issuer: Let's Encrypt
Certificate Subject: rubbingwomb.com
Certificate Fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate Validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2sbxxueVXz7wQ9acgsFHVNo5V1JXknNIdRxXdw6sZuktJcSZmdG8tSzO8vMjlb2ydRQchT9BOtHdkzapCTXQkNZB3owFKKefKgv%2FQYt5FxWFVX7wsz7vvM8A8%2F75%2Bsjd0macPRi7bbel0rR5ZWGX7%2F%2BeRDcqG%2FKxI3qo274IGzfqJvhe72w4b9d%2F1CwXb3c9APfD%2Fygvi6N6OvRcgVCpk96QaPnN9rNRrDSxsj8N7fOg6Ue%2BPCSvAnJp0svvauQrEQSP1sTdjfT6TsfxE7RTBsM%2BemnyW6i8wTxIuwbD%2F3kdM6Gtq%2FWX0AnJzO50MN%2FiJGcEu%2FnF4iS07lIRMPjmc5IQSSI%2BP%2BQD0sIVULSEkwfQvJXBGAcd7aQxI%2FuaJPTvb9RWqFTsvT6T8h8SpZ%2Bu4ok%2Fn5VyVH9nlYukzqxGPULyFEJOSiRujNk%2BzXI%2FAws%2BwqS%2F0KWX28iiY%2B3rNKQvJjVLmUJ2S%2BhxBjUenDVkR5c34NLPcT8os6CIOj4nFG%2F22OsxTsiCrkf0E4%2FoIEfduFYJW%2BMLB2DqTGYOUBqDrArxzDuJ9idApZ7sNmUeJ8cYMgL5IIgtwQ5JcglQZ4R5MPihCvbtMUjrqyLgrlvzn2rmOhscERPdDYQCQE1YxheHKWX5I2qP94XH9WwKy7qvM%2BbImB%2Brx35Pg1Wuv5KlwnfD7u8w%2FvdNqx8fGv93Va73X3gQ9rarPZ9OSU98hSpnJJrjUNE9AxWnYHJK6DuLdC8AN0psJ88FUljZy9NRYMpF4HrAmm2hGzPO1KX5NpsVhtbzyHY%2Bc3fWzMDMwVSU%2BBL%2BZJgoB5O7uqcHN%2FVuSXPt9JMxnKfVnO8l9FMXPn2Y7GXa8M31uz48fusAqrwyX1hs02acJkMLPluVXIuzLo2TJAfN%2BxnItp2dmfVmcSlm9u31jfi1AhrpU5K0Gol%2FzBgckr%2Bf%2B3%2BbEWv%2F7ANaUoYVyB252RukLoESw9g04V%2BqwmMWnCi1EPuiolpRotHJQmUWOQ0KmD%2FlUeLeGJo9ZvK4sg%2BxMDUQLNDJHGBoSkwVAWoGsO6K5MsNec3f53LiFRtEilTO46UUd%2FM2lxdz2DlRb3Tavk07K0EnQ4Vnajd7PbDgFPabIfNMKQtZHbaD9ntvwAAAP%2F%2FAQAA%2F%2F9lRCs2fAQAAA%3D%3D HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4687b9dcecb856d09afd42600ae814f3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| math-help-for-losers.vercel.app/worker.js | 76.76.21.142 | 500 Internal Server Error | 28 B |
URL: GET HTTP/2 math-help-for-losers.vercel.app/worker.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with no line terminators
Hash: 7305135e8c8844dec3bdaf6071604de8 76fae8ae6068e24b7fb57128fc00b8b867c56985 6a38227859da1b654cfdd0e54846f0692ed50f02be2c464feaaf15f123d53d6a
GET /worker.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1714840395.1.0.1714840395.0.0.0; _ga=GA1.1.1748150268.1714840396; sb_main_dfd2e1c094b00a158058ce0068d7df84=1; sb_count_dfd2e1c094b00a158058ce0068d7df84=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=19efa73d-3475-4b9d-b00c-4845b047c2fb%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 04 May 2024 16:33:17 GMT
etag: W/"1c-dvrormBo4kt/tXEo/AC4uGfFaYU"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::sfklp-1714840397150-486b0fc1b343
content-length: 28
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=101 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=101
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: rubbingwomb.com
Certificate fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=101 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png | 188.114.96.1 | 200 OK | 591 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Hash: 9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 346533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAmuSihzvtjaQi%2BB8OV3wokqDfRc9UZqlzMfnJ3zWXWCCGT3Uq7yOKItYvslrNZJhSGLhQrMKp63IqLEsunFtl0sDYAfDeo%2BP179JdnDaXaDltnpijSE%2FAd3512pOaeq2KkBSZMemWCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e4449b8a7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png | 45.133.44.10 | 200 OK | 16 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: cdn.cloudimagesb.com
Certificate fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 14cf262fabfd850855c42847d14fe775 2fafa28f167f018a0fb1f261f47380c8810803c9 972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af
GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Mon, 06 May 2024 16:33:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/img/doge.jpg | 76.76.21.142 | 200 OK | 30 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/img/doge.jpg
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 0eb51aabb859d0be979f7fa8fc0ce987 83a3141771da65ad6d6108693e3f6bb7ed953b39 75cd1593ebc1761765fd196b90ce99e0069984a59b0e1933be765cbe01838ccf
GET /assets/img/doge.jpg HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1714840395.1.0.1714840395.0.0.0; _ga=GA1.1.1748150268.1714840396
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-type: image/jpeg
date: Sat, 04 May 2024 16:33:16 GMT
etag: W/"76e7-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::m7nfg-1714840396545-df9e327d129a
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/js/anym.js | 76.76.21.142 | 200 OK | 656 B |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/anym.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.vercel.app
Certificate fingerprint: AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
Certificate validity: Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 26bafec8ce4cb86f9e6e7cda2d8f82e5 85e8b405fdffe735bb850772f747635f4e443f59 6c0c0f97a80955401d088264e4e7e0e1d2903d5e06695e6456eee183044e49bc
GET /assets/js/anym.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"771-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::dw29g-1714840395163-6b8f2560d87e
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=325 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=325
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: rubbingwomb.com
Certificate fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=325 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.unseenreport.com
Certificate fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=29fab7886bf7b6e324633f506204e65d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:33:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5035cf259247655707d8205029695c84
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: *.unseenreport.com
Certificate fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=19efa73d-3475-4b9d-b00c-4845b047c2fb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dfd2e1c094b00a158058ce0068d7df84&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:33:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1efebd87b65547a78d0c84fb2cce3b8f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 225498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js | 188.114.96.1 | 200 OK | 16 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 0013fbb3bd9e7300fa1bc9f62501dcf0 447e4a8994979e2e158b9beff79b94e7d1b29508 4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dExlWpYvEsY2ERF7sRiHCgpiC1MLJWD14JxQuCwv%2FWF1bkVdxZD3YPc0PIdk8IzsraL4nMPn6mwbYGXZ9DP5cD%2F49hMXvcJhr5ZPGDVlDezElOJEmHIBo4dAioRyYc5ojqfI9eVj8XyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e445edab7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/pixel/sbs?c=1 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 rubbingwomb.com/pixel/sbs?c=1
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: rubbingwomb.com
Certificate fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 16:33:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| rubbingwomb.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5LdD36gdBeEWVbQyb3zPXZRTGMkmjaxrehGyvm6k2PO3HM55565k6yCAely8C%2B4eSZpqLbSbgWLTAouAkLHVRZm43%2Bg0LXMODj6wjnv%2B57nOfC8H18f%2BytShaeX67fNgdKarjYqYfn651F0o7ylEj8oD9rNB836jbLtv9dpVsK3yx9KvmdWq2EUhlEYlTeUlbEZrE5BqPRJJ6p0wkq9WokadQzsf3PnAzgaQPSvyJtQYrL8MrgGxcdIes%2FWpdvLTPrOBz2vaWYs%2BuLs02QvMXmC3iKMbYA4OZuzYdyrjRcwyelMLkz%2FHyJTExL8%2FAIsOZuLBOufzHQyDZmAif8h748h9RiKjsHNEZR4RQAucGcbSe%2FRHWNzuv83SqfohCy%2F%2FhMqn5Dl364h6X2%2FptWgfM9onymTOAziAmowhuqOkfpzZAclqPwcPPsKSvxCVl9vIemdbDttoEQxq12pMVQ8hpZDUBfAT48K4OMAPg3QE5dlHkVRKxSchu0O5zXRkqwpwoi24ohGYbMNz6fyhsjSIbgegttDpPYQe2oI63%2BC2y3gRACXTUjwySH6okAuCXJHkFOCXBHkGUHeL06FdlVXPBLaeRbNfXXua8XIZN1jemqyrkwIqB3CiuI4vSJvTPsTfPFRCXvysixiUZURDzt1FoY0arTDRpvLMGy2RUvE7Tqcenxr491avd5%2BEEK50qz2AzUhHfIUqZqQlcoRGD2H0%2BfgagnUvwWaF6C7BQ6SpzKp7O6nqaxw7RmEKZBmy8j2g2N9RVZms9rcfg7JL27%2BXpsZuC2Q2gJfqpcEXf1wdNfk5OSuyR15vp1mqqcO6HSO9zKayaVvP5b7ubFic90NH7%2FPp8A0fHJfumyLJkIlXUe%2BW1NCSLthLJfkx033mWQ73u2ueZv4dGvn1sZmL7XSOWWSMeh0Jf%2Bw4GpC%2Fr9yf7ai13%2FYgbJjWF%2Bg5y%2FI3KDMGDw9hEsX%2Bp0hsHrBYWmA3BcjW2WLR60ItFzklBVw%2F8rZIh5ZOv1NVXHsHqJrS6DZEZJegb4t0NcFqB7C%2BaVRltqLm7%2FOZTBdGjFtSydMW%2F3NrM3T6xmcuizXQtFiMpYtJuuNeiy5YI0GC3nMWU202xyZm8RNfvsvAAAA%2F%2F8BAAD%2F%2F%2BWQ%2Ft58BAAA | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1rubbingwomb.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5LdD36gdBeEWVbQyb3zPXZRTGMkmjaxrehGyvm6k2PO3HM55565k6yCAely8C%2B4eSZpqLbSbgWLTAouAkLHVRZm43%2Bg0LXMODj6wjnv%2B57nOfC8H18f%2BytShaeX67fNgdKarjYqYfn651F0o7ylEj8oD9rNB836jbLtv9dpVsK3yx9KvmdWq2EUhlEYlTeUlbEZrE5BqPRJJ6p0wkq9WokadQzsf3PnAzgaQPSvyJtQYrL8MrgGxcdIes%2FWpdvLTPrOBz2vaWYs%2BuLs02QvMXmC3iKMbYA4OZuzYdyrjRcwyelMLkz%2FHyJTExL8%2FAIsOZuLBOufzHQyDZmAif8h748h9RiKjsHNEZR4RQAucGcbSe%2FRHWNzuv83SqfohCy%2F%2FhMqn5Dl364h6X2%2FptWgfM9onymTOAziAmowhuqOkfpzZAclqPwcPPsKSvxCVl9vIemdbDttoEQxq12pMVQ8hpZDUBfAT48K4OMAPg3QE5dlHkVRKxSchu0O5zXRkqwpwoi24ohGYbMNz6fyhsjSIbgegttDpPYQe2oI63%2BC2y3gRACXTUjwySH6okAuCXJHkFOCXBHkGUHeL06FdlVXPBLaeRbNfXXua8XIZN1jemqyrkwIqB3CiuI4vSJvTPsTfPFRCXvysixiUZURDzt1FoY0arTDRpvLMGy2RUvE7Tqcenxr491avd5%2BEEK50qz2AzUhHfIUqZqQlcoRGD2H0%2BfgagnUvwWaF6C7BQ6SpzKp7O6nqaxw7RmEKZBmy8j2g2N9RVZms9rcfg7JL27%2BXpsZuC2Q2gJfqpcEXf1wdNfk5OSuyR15vp1mqqcO6HSO9zKayaVvP5b7ubFic90NH7%2FPp8A0fHJfumyLJkIlXUe%2BW1NCSLthLJfkx033mWQ73u2ueZv4dGvn1sZmL7XSOWWSMeh0Jf%2Bw4GpC%2Fr9yf7ai13%2FYgbJjWF%2Bg5y%2FI3KDMGDw9hEsX%2Bp0hsHrBYWmA3BcjW2WLR60ItFzklBVw%2F8rZIh5ZOv1NVXHsHqJrS6DZEZJegb4t0NcFqB7C%2BaVRltqLm7%2FOZTBdGjFtSydMW%2F3NrM3T6xmcuizXQtFiMpYtJuuNeiy5YI0GC3nMWU202xyZm8RNfvsvAAAA%2F%2F8BAAD%2F%2F%2BWQ%2Ft58BAAA IP172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Let's Encrypt
Certificate subject: rubbingwomb.com
Certificate fingerprint: 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31
Certificate validity: Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bd5LdD36gdBeEWVbQyb3zPXZRTGMkmjaxrehGyvm6k2PO3HM55565k6yCAely8C%2B4eSZpqLbSbgWLTAouAkLHVRZm43%2Bg0LXMODj6wjnv%2B57nOfC8H18f%2BytShaeX67fNgdKarjYqYfn651F0o7ylEj8oD9rNB836jbLtv9dpVsK3yx9KvmdWq2EUhlEYlTeUlbEZrE5BqPRJJ6p0wkq9WokadQzsf3PnAzgaQPSvyJtQYrL8MrgGxcdIes%2FWpdvLTPrOBz2vaWYs%2BuLs02QvMXmC3iKMbYA4OZuzYdyrjRcwyelMLkz%2FHyJTExL8%2FAIsOZuLBOufzHQyDZmAif8h748h9RiKjsHNEZR4RQAucGcbSe%2FRHWNzuv83SqfohCy%2F%2FhMqn5Dl364h6X2%2FptWgfM9onymTOAziAmowhuqOkfpzZAclqPwcPPsKSvxCVl9vIemdbDttoEQxq12pMVQ8hpZDUBfAT48K4OMAPg3QE5dlHkVRKxSchu0O5zXRkqwpwoi24ohGYbMNz6fyhsjSIbgegttDpPYQe2oI63%2BC2y3gRACXTUjwySH6okAuCXJHkFOCXBHkGUHeL06FdlVXPBLaeRbNfXXua8XIZN1jemqyrkwIqB3CiuI4vSJvTPsTfPFRCXvysixiUZURDzt1FoY0arTDRpvLMGy2RUvE7Tqcenxr491avd5%2BEEK50qz2AzUhHfIUqZqQlcoRGD2H0%2BfgagnUvwWaF6C7BQ6SpzKp7O6nqaxw7RmEKZBmy8j2g2N9RVZms9rcfg7JL27%2BXpsZuC2Q2gJfqpcEXf1wdNfk5OSuyR15vp1mqqcO6HSO9zKayaVvP5b7ubFic90NH7%2FPp8A0fHJfumyLJkIlXUe%2BW1NCSLthLJfkx033mWQ73u2ueZv4dGvn1sZmL7XSOWWSMeh0Jf%2Bw4GpC%2Fr9yf7ai13%2FYgbJjWF%2Bg5y%2FI3KDMGDw9hEsX%2Bp0hsHrBYWmA3BcjW2WLR60ItFzklBVw%2F8rZIh5ZOv1NVXHsHqJrS6DZEZJegb4t0NcFqB7C%2BaVRltqLm7%2FOZTBdGjFtSydMW%2F3NrM3T6xmcuizXQtFiMpYtJuuNeiy5YI0GC3nMWU202xyZm8RNfvsvAAAA%2F%2F8BAAD%2F%2F%2BWQ%2Ft58BAAA HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1c60f5d15015606a85d38c7b1eac74b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 25481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/uv/uv.handler.js | 76.76.21.142 | 200 OK | 40 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/uv/uv.handler.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: f851487bd084c494d1c978b75b57e3f5 cbcf9e251be077638a0d4b3b8be69bcd1d5d5e8f c5e8a39d09280aeaac25c2548543e53ea74ad041f8932f1f3d702d8223d9c46c
GET /uv/uv.handler.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"9dbf-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::6m2cn-1714840395460-76a31396f1ee
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/js/particles.js | 76.76.21.142 | 200 OK | 23 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/particles.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/particles.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"584d-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::sfklp-1714840395166-6eb27d180fd2
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/uv/uv.bundle.js | 76.76.21.142 | 200 OK | 1.8 MB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/uv/uv.bundle.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
Size: 1.8 MB (1809191 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uv/uv.bundle.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: _ga_6YEQ7Q0XRC=GS1.1.1714840395.1.0.1714840395.0.0.0; _ga=GA1.1.1748150268.1714840396
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"1b9b27-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::7jwzs-1714840395685-f497c5743575
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/css/app.css | 76.76.21.142 | 200 OK | 6.0 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/css/app.css
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with very long lines (6632), with no line terminators
Hash: 61c4fb4622218c1d63c34c9e18da25d3 b8dcf55940f33fb38f5bd91560c521b30d62d498 5b0be2b2f0cb579183079ec9948c62544e6f0e8aefe4020f7d6a5d498b63f69a
GET /assets/css/app.css HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"177c-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::m7nfg-1714840395153-9dc610df05ed
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/js/main.js | 76.76.21.142 | 200 OK | 3.7 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/main.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3987), with no line terminators
Hash: 28eb39f071c947e67068a1dd99aaf68b 5e57397c6bad5a88a3ada5f67df025414b9d2c09 0180fc73950c17ddfc7cc41825e9859983a185417956e67c1c4411ea835d8617
GET /assets/js/main.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"e66-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::tmqvv-1714840395164-83a39a1b2dfa
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js | 188.114.96.1 | 200 OK | 84 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 342401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnyh3BZDXoQURqwd%2BoY25OzBV0E6Wo%2Bux%2F04tkue1LZfyaVy8Xk0VuHnYtpKME1lsCpClhsuOqo6IAoY54c%2BOWKIDmJBHYM2PrXvCsNu4jtz8OB1e2mzsiyvP41c0xMZVH8iyO7LwAiJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e4449ba07129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/js/themes.js | 76.76.21.142 | 200 OK | 7.6 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/themes.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7783), with no line terminators
Hash: 0e9fa7a9c668b4aba84b0b9a19494639 ba80897a6a390b318702af380a30b4b16930bdcd 11f06271f1d96a1b8d71a98116528df77d35ee8bff5bb93048d5d00ddf200851
GET /assets/js/themes.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"1d8b-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::772l4-1714840395165-390d4484c4b6
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html | 45.133.44.4 | 200 OK | 1.3 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP: 45.133.44.4:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject cdn.barscreative1.com; Fingerprint F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (1405), with no line terminators
Hash: 5373f3c4843345dde67db670323b2d54 666b2db9872196e52a2bc902111de5e37aa1ae28 e398fbdac28494dec6505fb0143d4cd41cee83989517e12c13ea113fef006fda
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 17:33:17 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=384 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=384
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject rubbingwomb.com; Fingerprint 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31; Validity Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=384 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| math-help-for-losers.vercel.app/assets/js/functions.js | 76.76.21.142 | 200 OK | 7.5 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/js/functions.js
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with very long lines (8179), with no line terminators
Hash: cf3f70fb65205d2a3590b20b6187d3d2 1738ee1312394b94880ff0bac423405afc93deae a885bf3bfe57b6b8c827e6f157ed7686da0c42feba4e50f3e09c9ff142f28f02
GET /assets/js/functions.js HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"1d2f-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::6m2cn-1714840395157-825639df2ec4
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=375 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 rubbingwomb.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=375
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject rubbingwomb.com; Fingerprint 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31; Validity Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=375 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Cookie: u_pl=22891010; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFQHjTHNUArTxNI7SQBwkVyvPS2Ol0%2FYiRDNDwxgK0kmF0TiRRttv0fsQq%2F5907kx0xlpoQsSCoxanF3jVIAjKYkIw5JUF6Iu7oFATuRik1hjGg5GX%2B4kDVYyQVWem6IlISPryzun7c1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e4442ae77129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/ | 76.76.21.142 | 200 OK | 4.3 kB |
URL (User Request): GET HTTP/2 math-help-for-losers.vercel.app/
IP: 76.76.21.142:443
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: HTML document, ASCII text, with very long lines (4651), with no line terminators
Hash: a2e282a44ee6d372dad161510324c444 511f143874c4036322c5af93da9b6a54db899633 e72af9dcd371c17e1250fff4f053f875f985cbefbd1bd720cbeeb4eb07bbe9a0
GET / HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 16:33:14 GMT
etag: W/"10e3-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::r4vb2-1714840394615-59d0a4b68934
X-Firefox-Spdy: h2
|
|
| rubbingwomb.com/sbar.json?key=dfd2e1c094b00a158058ce0068d7df84&psid=CF-3448_0 | 172.240.127.234 | 200 OK | 12 kB |
URL: GET HTTP/1.1 rubbingwomb.com/sbar.json?key=dfd2e1c094b00a158058ce0068d7df84&psid=CF-3448_0
IP: 172.240.127.234:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject rubbingwomb.com; Fingerprint 28:99:E5:A5:06:29:BD:6B:17:1F:F4:77:EA:C6:FF:E5:62:DD:0D:31; Validity Mon, 29 Apr 2024 08:21:45 GMT - Sun, 28 Jul 2024 08:21:44 GMT
Hash: 40a61a20505bb7ba96f06592840bb33f 086b8ef543570e7eaca178e6b7425d76f55456e4 814bf4ab99ccf46b974c424d03590dda49b8781809a5f721f8b0e476a181bb18
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=dfd2e1c094b00a158058ce0068d7df84&psid=CF-3448_0 HTTP/1.1
Host: rubbingwomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 16:33:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://math-help-for-losers.vercel.app
Access-Control-Allow-Origin: https://math-help-for-losers.vercel.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22891010; expires=Sun, 05 May 2024 16:33:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 16:33:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 16:33:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 16:33:17 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 16:33:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e2bd9afcb053142467f64135aee152c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css | 188.114.96.1 | 200 OK | 3.4 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP: 188.114.96.1:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3537), with no line terminators
Hash: b8a277e051f047a41d3229377460f0c9 596b934114e1b6e3cee15ef19925c7f2ff5607e7 9cf981fe6d59b72cb9d12e4bc958983bac07f16b8f1b40bb1c6ced0bf2d6b2d0
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://math-help-for-losers.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 16:33:17 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2taiQeIXMNV6iy0j%2F3neHZLHaDhm4C%2B%2Fo9WQ81kMSTEo0Y6z57gW87fmTFP1fJxRwUg0PEAOZPuM%2BCyOtsPCsomUSSMwZHwehwzgOU6ZHkag0yb6pzV98noIWfNkXTtMWyI%2BcDEuflb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9e4442ae57129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 16:33:17 GMT
date: Sat, 04 May 2024 16:33:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| math-help-for-losers.vercel.app/assets/css/menu.css | 76.76.21.142 | 200 OK | 1.2 kB |
URL: GET HTTP/2 math-help-for-losers.vercel.app/assets/css/menu.css
IP: 76.76.21.142:443
Requested by: https://math-help-for-losers.vercel.app/
Certificate: Issuer Let's Encrypt; Subject *.vercel.app; Fingerprint AF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4; Validity Mon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT
File type: ASCII text, with very long lines (1298), with no line terminators
Hash: ee57e56f32611c0095c6749708aebd14 f326b138f92fd7b9899a07a992a3f91f42fbbc18 315b914e4945c9b1a41b04c9c4b971377a41bc65fc79fc04de28e13e59bbe38b
GET /assets/css/menu.css HTTP/1.1
Host: math-help-for-losers.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://math-help-for-losers.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 04 May 2024 16:33:15 GMT
etag: W/"4a4-1668f272800"
last-modified: Sat, 20 Oct 2018 01:46:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Express
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::8wqlp-1714840395157-d4ff3fbbf494
X-Firefox-Spdy: h2
|
|