study-assistantph.com/
172.67.157.190301 Moved Permanently 0 B IP 172.67.157.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: study-assistantph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 00:43:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 06 Nov 2022 01:43:07 GMT
Location: https://study-assistantph.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9XMAbvut%2B9mEsL8%2FQEQTRxA2%2BLg2xIAaMpcTxwJmkfEw3bpCCuJfmaV3UGi3g%2BXLOaY77gixKLJjbRh1RG9e1ZZlgw6YYk%2B5nlFr2uR0YgGQe9fNzfS9KDOxHZBOUWRD6lqpKtVADs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7659cb0bccfbb518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Sun, 06 Nov 2022 02:49:43 GMT
Date: Sun, 06 Nov 2022 00:43:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5584
Cache-Control: max-age=123661
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:07 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:04:08 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Sun, 06 Nov 2022 02:47:45 GMT
Date: Sun, 06 Nov 2022 00:43:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ribO7n5JaluMdQNm/71/+t7xDuXJTg77D59L3a5Ua7XyQMM1Ls/oP118UTDn94tyc7/Qql6dybg=
x-amz-request-id: XRPVTV4BJE6ZBGT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 23:47:24 GMT
age: 3343
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 65721c4bb41891ecf68203ffef705ca4
2a09349f58f64bf4f505d94e69f366c0ab4047bd
d3de5c7672b59fe38af6f25eab51dfd644d61e196ca70178c3954f9e2fac3995
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106919
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:07 GMT
Etag: "636601c2-117"
Expires: Mon, 07 Nov 2022 06:25:06 GMT
Last-Modified: Sat, 05 Nov 2022 06:25:06 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 65721c4bb41891ecf68203ffef705ca4
2a09349f58f64bf4f505d94e69f366c0ab4047bd
d3de5c7672b59fe38af6f25eab51dfd644d61e196ca70178c3954f9e2fac3995
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=106919
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:07 GMT
Etag: "636601c2-117"
Expires: Mon, 07 Nov 2022 06:25:06 GMT
Last-Modified: Sat, 05 Nov 2022 06:25:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 1.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ee8642cbd6b496238de35d4c872c4daa
8d8c9ef6901440d66d507219113c70045cd90a39
312306a759bfe1bcec42b74bd5c4bddf09c6e161f7e4baf8493163f3c880eaa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A76D697A6B7131D3D2B9C8D9D1BD7E874BC583BD7AB345F3D80C2E1C5C3EC43C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 06 Nov 2022 03:57:54 GMT
Date: Sun, 06 Nov 2022 00:43:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1dcf2605eea2658d958949d1eb6d8ab4
f42dfdb583633fb57d1eb1b9335fedac6440faae
fd99ad29d2b6d4511a9ab50e509d6c352d248bfb56a1e4fc2d55b15bbb3d253d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD99AD29D2B6D4511A9AB50E509D6C352D248BFB56A1E4FC2D55B15BBB3D253D"
Last-Modified: Fri, 04 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12595
Expires: Sun, 06 Nov 2022 04:13:03 GMT
Date: Sun, 06 Nov 2022 00:43:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 46a10b33cdb313e3c4039b93d5662dd8
8862cdc2f4ae68523e42bf127e88d871078efe1c
25539c0b97ed6714a1bd0bebbd9fd42cd7b0235b5537ad56a30b290ccd4bbbe8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25539C0B97ED6714A1BD0BEBBD9FD42CD7B0235B5537AD56A30B290CCD4BBBE8"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12808
Expires: Sun, 06 Nov 2022 04:16:36 GMT
Date: Sun, 06 Nov 2022 00:43:08 GMT
Connection: keep-alive
loulouly.net/zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 loulouly.net/zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 35d92b5d2052d00687b0de0ce3437c71
ddade391e18342b326efdce9712c310a23a0a91a
78152fe7e8ba4c6727d4bfa45b0374a29abf508bcdafbbcf1430fa1fe5383057
GET /zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3= HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 0e439daa60d16f8d9fc1a72f763c25f2
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/dynamic-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
92.223.84.84200 OK 2.1 kB URL HTTP/2 cdn.dmtgvn.com/wrapper/js/dynamic-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 0e3ca98573998ec20530c30d2a27a49b
ffe8d9125216fc482f0215f2d72287d675683b55
ca8c96e621e8a067940a3d39701df3f32cfbd388cbc30b3d69f827414ff6a079
GET /wrapper/js/dynamic-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T10:03:24+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 34352e233023821559959951162834a8
f825f0ffeb726f63b915d6ef73c59a175228a909
58fb8387566053cc885bf39dc7e0d8ecb996612e6558ad25ec8f9439a4c8545d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5151
Cache-Control: max-age=115296
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:08 GMT
Etag: "63660e5d-116"
Expires: Mon, 07 Nov 2022 08:44:44 GMT
Last-Modified: Sat, 05 Nov 2022 07:18:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad8c9e3183f179782d58d9794888f72f
bc657893fd7474eb9612424c722f2c55c156b734
5ad04f12b0682e75b3f0f996ca4c66412ccadf2a0a5ca84efee408ce4d7c2494
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AD04F12B0682E75B3F0F996CA4C66412CCADF2A0A5CA84EFEE408CE4D7C2494"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6647
Expires: Sun, 06 Nov 2022 02:33:55 GMT
Date: Sun, 06 Nov 2022 00:43:08 GMT
Connection: keep-alive
loulouly.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: max-age=119018
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:08 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:46:46 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
cdn.betgorebysson.club/apu.php?zoneid=4493436
139.45.195.8200 OK 968 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=4493436
IP 139.45.195.8:0
File type ASCII text, with very long lines (801)
Hash 6488d2d9ffca075b8108321f2b7a4d6b
a156377867fd73dd6fd736641cefe24c1cc78ea5
ff998a4f03bbd94d352c41d6a10a3da73de2c1e907e6d12657d7514663bd271a
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=4493436 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 3d587a258218f2bbc7b3fb497eab1924
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d7fc933769f143d0b28712378bbb5e3e; expires=Mon, 06 Nov 2023 00:43:08 GMT; path=/; secure; SameSite=None
oaidts=1667695388; expires=Mon, 06 Nov 2023 00:43:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
loulouly.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 379
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0bfb38290e88e765d717d5c51296e3e0
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4a071aba7e415d8fef076431afd5cf35
8fd4984046851a3fbd44b60e5449652a5e35d831
3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 00:43:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT
Expires: Thu, 10 Nov 2022 12:52:19 GMT
Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831"
Cache-Control: max-age=388750,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7659cb133a91b505-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 00:43:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=408730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7659cb137ffbb50b-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 901
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 00:43:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://study-assistantph.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
cdn.dmtgvn.com/kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
92.223.84.84200 OK 5.4 kB URL HTTP/2 cdn.dmtgvn.com/kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 6ad8a3f548013f34333f6a8ddfbdde28
671eb890d3229710a3e945a858a322b7054eee7f
d5295a864aae2125759b2e1e0c900728f6aa027a8cc2f02973222dd6382fe3cc
GET /kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/json
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: STALE
x-cached-since: 2022-11-05T16:43:55+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 1801f26fc8a41248df265e4e53c6117e
bc901b681e0f4673ec8648f6658c982ed1879303
3c2b75375460c94cf81fd811e85bbcd5cade6c6619d76b30aad777d28ae10322
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 00:43:08 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 09 Nov 2022 21:43:32 GMT
ETag: "bc901b681e0f4673ec8648f6658c982ed1879303"
Last-Modified: Sat, 05 Nov 2022 21:43:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1813
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7659cb14988cfac8-OSL
www.googletagservices.com/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (41598)
Hash 40d09499087c0072f43f1f42947b2c34
45235a0723de1029ae23100db6ce6c0ee0999306
680d4b910d77c460f9e36426fbc6ac88a2803eac6c4b97ed212fc7101ebab93c
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27352
date: Sun, 06 Nov 2022 00:43:08 GMT
expires: Sun, 06 Nov 2022 00:43:08 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1385 / 63 of 1000 / last-modified: 1667599556"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
loulouly.net/pfe/current/universal.min.js?v=3.1.402
139.45.197.250200 OK 34 kB URL HTTP/2 loulouly.net/pfe/current/universal.min.js?v=3.1.402
IP 139.45.197.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d3419143e5e8c0d25176b98d6b5e9a70
3a0eafa04d2d4bea6dbd740cc583ca80adf8b387
21fbb1de3410808ac4a499daaa6b2440d9e78bade787c45edb403a8292295214
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-180b9"
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
eehuzaih.com/500/5041469?excludes=&oaid=6afe038553a34a77b011fb69c3b457b9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 eehuzaih.com/500/5041469?excludes=&oaid=6afe038553a34a77b011fb69c3b457b9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5041469?excludes=&oaid=6afe038553a34a77b011fb69c3b457b9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Sun, 06 Nov 2022 00:43:08 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Sun, 06 Nov 2022 01:43:08 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=study-assistantph.com
142.250.74.98200 OK 70 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=study-assistantph.com
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8f73080e1d51cb102555831d732e6508
8bbb08c1b74361e01cdd73b8da603a7840cec627
ff3153caf7c035053d4bbe5282d21513a4f4e1b8c59a5335c9376c2f7cf69de4
GET /pagead/ppub_config?ippd=study-assistantph.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sun, 06 Nov 2022 00:43:09 GMT
expires: Sun, 06 Nov 2022 00:43:09 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 70
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 00:58:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
142.250.74.98200 OK 131 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (65241)
Size 131 kB (130882 bytes)
Hash 7bccd7148d49d417884b50301d799ee0
64d21448f9051688012cdb5bb574a926b412e031
3425e1460498dc167b2aab7803166a0629a1d72914615755db2d222bc31c7c2e
GET /gpt/pubads_impl_2022110101.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 130882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 10:30:45 GMT
expires: Wed, 01 Nov 2023 10:30:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 01 Nov 2022 08:35:09 GMT
content-type: text/javascript
age: 396744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b3f8417b7457d0ecc5fbfe29b7a94702
1456a274619bf3e8b11c7331c0a2f610bc8ab242
4a43b09bc9f2ea86707168c8d95283272298eba15b908c345c60e75094c68a0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5080
Cache-Control: max-age=89305
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Etag: "6365a91e-117"
Expires: Mon, 07 Nov 2022 01:31:34 GMT
Last-Modified: Sat, 05 Nov 2022 00:06:54 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
104.22.33.172200 OK 44 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP 104.22.33.172:0
File type gzip compressed data, max speed, from Unix\012- data
Hash d161dc4f167a0961e55a461d5cdd7ab2
aae4e3db33fa3e5fa77209723e10de7218cf7a9e
63aa431feb6c70f05afc92a12ddab4f06368443648234d70d6d9237e57306bbb
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:43:09 GMT
content-type: image/png
content-length: 43157
last-modified: Sun, 27 Sep 2020 15:59:04 GMT
etag: "5f70b6c8-a895"
expires: Sun, 06 Nov 2022 11:31:24 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 47505
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7659cb16882d9939-ARN
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A767273687274%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004307%3Aet%3A1667695388%3Ac%3A1%3Arn%3A391825232%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C%2C%2C%2C684%3Ans%3A1667695385664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A767273687274%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004307%3Aet%3A1667695388%3Ac%3A1%3Arn%3A391825232%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C%2C%2C%2C684%3Ans%3A1667695385664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash f3aec68fbb64a741a9cbce14e6112454
ff6d0e4ca9ec7a2757636c8a11e62678c4186300
bc693fbaa8731d91c48c5e9d41f0610baf8cd8e719211777284676f8e3b067d6
GET /watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A767273687274%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004307%3Aet%3A1667695388%3Ac%3A1%3Arn%3A391825232%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C%2C%2C%2C684%3Ans%3A1667695385664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A767273687274%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004307%3Aet%3A1667695388%3Ac%3A1%3Arn%3A391825232%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C%2C%2C%2C684%3Ans%3A1667695385664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 06 Nov 2022 00:43:09 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=3587733011667695389; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3587733011667695389; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=342601271667695389; Path=/; SameSite=None; Secure
i=bkinMchBcZKd4XkyDXOjwwTz6oW4tEFu1SvRu2YOnS+WcrPj3PpFAAwVdAVQQu2Ds7ciQSEIPefytUNBclKk7y+7h+I=; Expires=Wed, 03-Nov-2032 00:42:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699231389.yrts.1667695389#1699231389.yrtsi.1667695389; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 06-Nov-2022 00:43:09 GMT
last-modified: Sun, 06-Nov-2022 00:43:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 06 Nov 2022 00:43:09 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Sun, 06 Nov 2022 01:43:09 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 00:43:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=study-assistantph.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=study-assistantph.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 00:43:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3ff7365e9bccadd6abccf5eff2c8075b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
142.250.74.65200 OK 3.0 kB URL HTTP/2 3ff7365e9bccadd6abccf5eff2c8075b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash 0193525c83a04aba8fa3caf53d9aac05
ec27db82404e05017dd9b66206d03c2f623ca8d6
1f57111c09ecc489613040fb1f8ec3e9458f6d58bdacfd3669a10ba338a4c9d0
GET /safeframe/1-0-39/html/container.html HTTP/1.1
Host: 3ff7365e9bccadd6abccf5eff2c8075b.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2988
date: Sun, 06 Nov 2022 00:43:09 GMT
expires: Mon, 06 Nov 2023 00:43:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
loulouly.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 740
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 4d3200841e78926f5bf78706b330c416
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ddc6a0cfefdd9a13363f6399a532c121
6cefb6aa5c2e43f48e71e6d3622f2346a6a6e37b
bc243a1df25ca688919bea318afef2e8691969b9b97888cb32b8a4cc2429e27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6419
Cache-Control: max-age=90647
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Etag: "6365a921-1d7"
Expires: Mon, 07 Nov 2022 01:53:56 GMT
Last-Modified: Sat, 05 Nov 2022 00:06:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ddc6a0cfefdd9a13363f6399a532c121
6cefb6aa5c2e43f48e71e6d3622f2346a6a6e37b
bc243a1df25ca688919bea318afef2e8691969b9b97888cb32b8a4cc2429e27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6419
Cache-Control: max-age=90647
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Etag: "6365a921-1d7"
Expires: Mon, 07 Nov 2022 01:53:56 GMT
Last-Modified: Sat, 05 Nov 2022 00:06:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=36df01d8-d2c5-4226-9528-40d38155fa6f&l_pb_bid_id=48cded5c6a0f348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6907255404253296
213.19.162.51200 OK 304 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=36df01d8-d2c5-4226-9528-40d38155fa6f&l_pb_bid_id=48cded5c6a0f348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6907255404253296
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash a80edf2604ee22a72f7bd0fd0e83267e
b3ceafd1ae3ac9bbb53a463efac6818dd2a8cbab
a1a44df9ce691e241ee5558c961a80b9d8bfeb2316dbca136ebeab622a0bac70
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=36df01d8-d2c5-4226-9528-40d38155fa6f&l_pb_bid_id=48cded5c6a0f348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6907255404253296 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 06 Nov 2022 00:43:09 GMT
Content-Type: application/json
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA4MRY7K-C-AQ9C; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EgBxUbpldBMZu9DtVM30fCgQUwRKC0W4tDvB92DITIJ4T9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=9351ce20-836b-4d01-a429-9d8fbd818094&l_pb_bid_id=8ac3f4ac40e98a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8446818238474777
213.19.162.51200 OK 312 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=9351ce20-836b-4d01-a429-9d8fbd818094&l_pb_bid_id=8ac3f4ac40e98a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8446818238474777
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Hash daff2de6bca8990815eb7bb497f6f869
9c83a60f7d4763d1de04e08ea8577bf7306816a8
a64aff459265497a7e43dde120c750775e12a7abe99b8362e0abd92f20f02ebb
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=9351ce20-836b-4d01-a429-9d8fbd818094&l_pb_bid_id=8ac3f4ac40e98a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8446818238474777 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 06 Nov 2022 00:43:09 GMT
Content-Type: application/json
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA4MRY7P-1H-5KX8; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqKd1NZEdqXtO9DtVM30fCgQUwRKC0W4tDvB92DITIJ4T9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:09 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c0333ce053f07eff3051dd6a60836e8d
6d6e8eb6e31444db83624f5b5f430048bce73c51
35ebffeff3dfc0708741a0daed8a39508995cea7dc0e03699e8ae2a9661fc4c0
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 476
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 00:43:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: f7fdb23c-40ec-4722-8e81-8617ad12160a
Set-Cookie: icu=ChgIx9p7EAoYASABKAEwnYacmwY4AUABSAEQnYacmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1618739868865945132; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ee8bae0a3f2cde2e2d382f77f81bdc7e
613dd225b2166a0d707a05d7269a72349924b593
1a793c0e194dbd57ec41b416e5d68326a8e3096a54a3e1ad2c1d2d9afed8b554
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 611
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 00:43:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 243cbaff-df4f-491f-987b-5fb9d3c34a5b
Set-Cookie: icu=ChgIx9p7EAoYASABKAEwnYacmwY4AUABSAEQnYacmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1531052459272329138; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env
216.58.207.194200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14869), with no line terminators
Hash 04ab8b7e5343c492442770dea243e094
af2e0da79ee55c74c584e0884bf645f6e6132492
16b4b1fa28702fedcff8bf6c96c55d16e091a14bbe0fb4cca0ddf6151377a0ac
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 06 Nov 2022 00:43:09 GMT
server: cafe
content-length: 11223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 38fc4862052e168e0c1ae67eeb1ac280
725354e1375318e4528703224b81bfa51b0d4167
6bb8388db39898395cffa818df622bfb198f4b0fc2020b34b69816fab850275a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 06 Nov 2022 00:43:09 GMT
expires: Sun, 06 Nov 2022 00:43:09 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 07:26:35 GMT
expires: Sat, 04 Nov 2023 07:26:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 148594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d5af5f3600e12a74ff63ffb2dd2f4ba6
05f1e796a4f87a04f467185819291bb61dcb00ab
b28eaffd0a29b1ee21162a11f495deb65869cc8465b98cb673a739605a93cff8
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 06 Nov 2022 00:43:10 GMT
date: Sun, 06 Nov 2022 00:43:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-xmtZFJIiAEP1wPLUR3OG4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e3713530a7634eba2c08d88565eb6ca0
a22a01d077e04e91721ded22324113bc4832b662
66025140d50130acea481c32c4303c7e9f3e4e4f298b0bedf4c7bd7a2b0384ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66025140D50130ACEA481C32C4303C7E9F3E4E4F298B0BEDF4C7BD7A2B0384ED"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18570
Expires: Sun, 06 Nov 2022 05:52:40 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e3713530a7634eba2c08d88565eb6ca0
a22a01d077e04e91721ded22324113bc4832b662
66025140d50130acea481c32c4303c7e9f3e4e4f298b0bedf4c7bd7a2b0384ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66025140D50130ACEA481C32C4303C7E9F3E4E4F298B0BEDF4C7BD7A2B0384ED"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18477
Expires: Sun, 06 Nov 2022 05:51:07 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
worker.sttsmntz.ru/stats/format
158.160.4.42200 OK 228 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP 158.160.4.42:0
File type JSON data\012- , ASCII text
Hash ca938b66473aa4c6c746025d484f4f7d
3641b2c0263eb447bc549ae9e2533b812f269bf2
03d08f4a16f84eb62c0bc10d98579f98b1e10a5351f57feeb9233e4560113319
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ycalb
date: Sun, 06 Nov 2022 00:43:10 GMT
content-type: application/json
content-encoding: gzip
content-length: 228
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
worker.sttsmntz.ru/stats/format
158.160.4.42200 OK 230 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP 158.160.4.42:0
File type JSON data\012- , ASCII text
Hash 937d3eb36de20795506eaf919836b6d0
036f29409986ac2f0a21faa4f06a4a2b3df5c5c0
c0ddd73333a84825182556c98b47e13421500ccbdc5303fedff56578a537d1ea
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ycalb
date: Sun, 06 Nov 2022 00:43:10 GMT
content-type: application/json
content-encoding: gzip
content-length: 230
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sun, 06 Nov 2022 00:43:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e6bb0-6105-483c-a458-062b5def579f.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e6bb0-6105-483c-a458-062b5def579f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b57e0952c966aecb83a58899334d3c0a
61281bc92e44de9d7dd7b2cf78c80129de0d4744
66f61b87c463181b71e84082d019d04584be74aeccc352e5e06fe329344f17e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e6bb0-6105-483c-a458-062b5def579f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6540
x-amzn-requestid: 9ea9a5d5-e4cb-4dab-95da-7292876f2b88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHcIVG8roAMF_Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660d68-3091f1781e6f8291376d16fa;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:14:48 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 15fRmfjSdhjgA8pGVYLXppvo5ytay2FAO_q0oXdPdVjbbPAmWk-cQA==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:12:57 GMT
age: 59413
etag: "61281bc92e44de9d7dd7b2cf78c80129de0d4744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93aada35cf6b5ccf56d7c8c49e566a1e
349f301eab8e4cd3732e9b0fbd1675bbbe3e969b
2285236779612c298f54306c6237df079a3329daa415c3f3a9015bf2a75f99aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9331
x-amzn-requestid: d67eca4f-66a8-4366-b2d8-fb424e77b438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3lHQmIAMFemg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-77519cf22b23b7e00a23cacc;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZiP3LoPE9a2aP16DN-jBzPfGPS_uW4M_qtJ3ilw26cxK6w6mWJOxPQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "349f301eab8e4cd3732e9b0fbd1675bbbe3e969b"
content-type: image/jpeg
age: 9032
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 65711
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 9032
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3810bc3af4a82602ea3ac8b37e190223
7bcd12990420b1fe4c5cddab42379a8bd98e434c
5ea3be6ac4acf0b43cb91ce178207253222a187ac72258a84dd949c6765a47f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7826
x-amzn-requestid: 6fac7ec3-cc5c-4a01-8b40-9756b80c2009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatnFMRIAMF0bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7f0-41a5bed966d711727c9da746;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:56 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rFeWAFzar11l5KdAJkuAqtwVMowF5biMMU6cHDCiKy0suy_wwxTRfw==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 9032
etag: "7bcd12990420b1fe4c5cddab42379a8bd98e434c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f175e783e99f623f898eb07578ed28a
c090b3db88d3c2381e7d14d2aab5078fd50be14a
6eaf64d99a8626df553aeeb24a5ee1a69e3d6c32293385dedd6c83dd231c84e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8157
x-amzn-requestid: b3004878-0395-4123-843c-f33d040d5989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabZFa6IAMFp1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-05b4398b243a9eec020a3b16;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EkY4IRZUrYHRSHX7a2kvsyoGNldygqY6ztTaQwNmSyR8ZouV5nkMAw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:57 GMT
etag: "c090b3db88d3c2381e7d14d2aab5078fd50be14a"
content-type: image/jpeg
age: 10453
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash a65d195c38d7cb712dbdc4bdb96d6a1f
ee99a4038fd7320753855876e5fa6c5638b42160
e4ee828c727459abde0629a71c0806b73c1136a3258fae32111102f5eea28081
GET /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Referer: https://study-assistantph.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sun, 06 Nov 2022 00:43:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 06-Nov-2022 00:43:10 GMT
last-modified: Sun, 06-Nov-2022 00:43:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A646%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1481525448866%3Ahid%3A710385525%3Az%3A0%3Ai%3A20221106004308%3Aet%3A1667695388%3Ac%3A1%3Arn%3A222272705%3Arqn%3A1%3Au%3A1667695388574591518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C86%2C10%2C5%2C293%2C0%2C%2C272%2C7%2C2216%2C2216%2C1%2C684%3Aeu%3A1%3Ans%3A1667695385664%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667695388%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 06 Nov 2022 00:43:10 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=1163440651667695390; Expires=Mon, 06-Nov-2023 00:43:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1163440651667695390; Expires=Mon, 06-Nov-2023 00:43:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=173023541667695390; Path=/; SameSite=None; Secure
i=cf7rMHxmvhInxqPQcKdK+twWkfR8liU2TVUyS9otM0bqnaYalp8bAIvBawkjq79tAGKHM3X5Qv8CSpecAzh62vfVMt8=; Expires=Wed, 03-Nov-2032 00:43:09 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699231390.yrts.1667695390#1699231390.yrtsi.1667695390; Expires=Mon, 06-Nov-2023 00:43:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 06-Nov-2022 00:43:10 GMT
last-modified: Sun, 06-Nov-2022 00:43:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.10200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.10:0
Hash 49dcb3f23a58f998f11d8c2ca1b90a68
0aee92fad52d2f03484a134901a90260af43e913
92223ea8fd1122967d4b3adaec6c401be4ab899e973ed13fb3fb90520cdefcfa
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 00:43:13 GMT
date: Sun, 06 Nov 2022 00:43:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
92.223.84.84200 OK 120 kB URL HTTP/2 cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 120 kB (120389 bytes)
Hash 2a425f2d0e37b25a22e3abe8490ceda8
1669c338a4c08db88e4a8caf6d1d8d5b3490acb1
a43fb96615ca6d2bd19fe5637fc7810d7d107904ab14147745158cb9d36acb52
GET /wrapper/js/common-engine.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T10:02:08+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 00:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 00:43:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=2c0032d0-6550-4132-8a69-93d36a82a9fb&l_pb_bid_id=107e6f7da8c03998&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35266040268507937
213.19.162.51200 OK 304 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=2c0032d0-6550-4132-8a69-93d36a82a9fb&l_pb_bid_id=107e6f7da8c03998&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35266040268507937
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash 66fd8f3e9593271a295a898c658d9310
3c0918ac36c0fc92a1565c7f1c36a8e3c416543b
46e8c9d2a0f2b33e41a5c621a7d9aac9bf7f8e3bd0032782dc71c7cddad6c22f
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=2c0032d0-6550-4132-8a69-93d36a82a9fb&l_pb_bid_id=107e6f7da8c03998&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35266040268507937 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 06 Nov 2022 00:43:15 GMT
Content-Type: application/json
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA4MS2G8-2-JQVR; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:15 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoxm9DWrM8+Xe9DtVM30fCgQUwRKC0W4tDk0FDLbiG8Fj9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:15 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=7ffe3792-f98c-4093-9d78-370ba22e410c&l_pb_bid_id=14a0a4a41e416bb8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9035505412017075
213.19.162.51200 OK 312 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=7ffe3792-f98c-4093-9d78-370ba22e410c&l_pb_bid_id=14a0a4a41e416bb8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9035505412017075
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Hash 4121f53f454f7160185c093ae23bd546
df1b76f2a934fe4d0d29f5e00939510cabf4e3c2
2390303915bb7a2663ca719cd21194132702159ee1f01e94e94ed0d3d2dbc21c
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=7ffe3792-f98c-4093-9d78-370ba22e410c&l_pb_bid_id=14a0a4a41e416bb8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9035505412017075 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 06 Nov 2022 00:43:15 GMT
Content-Type: application/json
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA4MS2GI-2-2Z99; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:15 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoixmH/lBg2E+9DtVM30fCgQUwRKC0W4tDk0FDLbiG8Fj9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 06-Nov-2023 00:43:15 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b21de32bfae00ca88170c8a2c80df0a7
7bbfb5e0cb3e5e0b1d1d5ad9b58cf7662ed87781
26cf89e323bc6541de60fc7aa2640fdc6b4b8070a7cddc4df0b5ba0a4901dbec
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 476
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 00:43:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: cec04648-4972-4c56-ab1b-0b6e39e794dd
Set-Cookie: icu=ChgIx9p7EAoYASABKAEwo4acmwY4AUABSAEQo4acmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6824415915769964718; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a04c2ff12a6286ea300c718ee28318c9
e22387eead0a05916e1ee8c3d677692b54bfb6c1
b8c269f3a084debdbd51ce7be8c0b30230d886dca2c179a254e088c4845532db
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 612
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 00:43:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 5a247dcd-f246-4753-8242-a7eccfb5046d
Set-Cookie: icu=ChgIx9p7EAoYASABKAEwo4acmwY4AUABSAEQo4acmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4079956648140748668; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 00:43:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 00:43:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
worker.sttsmntz.ru/stats/format
158.160.4.42200 OK 230 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP 158.160.4.42:0
File type JSON data\012- , ASCII text
Hash 7dee0a8edfd3c494b65fbd8fb0522509
f5b006a152b8ccaee30e9c560d33420e4c955a56
7acd8d0b29a90e5617d79250dfa4a5f4ae5428ac3f4a9b501de0116838a07fd3
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ycalb
date: Sun, 06 Nov 2022 00:43:15 GMT
content-type: application/json
content-encoding: gzip
content-length: 230
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
worker.sttsmntz.ru/stats/format
158.160.4.42200 OK 229 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP 158.160.4.42:0
File type JSON data\012- , ASCII text
Hash c5d1acac3806bd241e6963e33b153b9a
70ed91bafa8dda9155a01a15abdf5e5fc7904ab3
676d9ddc2efc795b074ac40e7a581757e387bfa13c09c310bff7b767be71601c
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ycalb
date: Sun, 06 Nov 2022 00:43:15 GMT
content-type: application/json
content-encoding: gzip
content-length: 229
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-ff183091-151b-47af-9790-8a477e06f4e1
92.223.84.84200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-ff183091-151b-47af-9790-8a477e06f4e1
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-ff183091-151b-47af-9790-8a477e06f4e1 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T13:26:05+00:00
x-id: sto5-up-gc14
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
92.223.84.84200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /wrapper/js/prebid.js?v=s-ff183091-151b-47af-9790-8a477e06f4e1 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T10:28:01+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
92.223.84.84200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:07 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: STALE
x-cached-since: 2022-11-05T22:31:30+00:00
x-id: sto5-up-gc14
X-Firefox-Spdy: h2
eehuzaih.com/400/5041469
139.45.197.237200 OK 0 B IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5041469 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/javascript
x-trace-id: f243f632e9fe08783a61e250d0a835ab
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9ac8c2817c754f1d9f032452964b2e02; expires=Mon, 06 Nov 2023 00:43:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
loulouly.net/pfe/current/tag.min.js?z=3914651
139.45.197.250200 OK 0 B URL HTTP/2 loulouly.net/pfe/current/tag.min.js?z=3914651
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=3914651 HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper-builder/placement/d3569df2-db2e-46af-b0c2-a97b7f18e4d4?v=d-1661183947
92.223.84.84200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper-builder/placement/d3569df2-db2e-46af-b0c2-a97b7f18e4d4?v=d-1661183947
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /wrapper-builder/placement/d3569df2-db2e-46af-b0c2-a97b7f18e4d4?v=d-1661183947 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/json
cache-control: max-age=31536000, public, s-maxage=31536000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T13:26:06+00:00
x-id: sto5-up-gc14
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper-builder/placement/4ff18346-1bc6-4f5c-915c-d367f8a53b59?v=d-1661183947
92.223.84.84200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper-builder/placement/4ff18346-1bc6-4f5c-915c-d367f8a53b59?v=d-1661183947
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /wrapper-builder/placement/4ff18346-1bc6-4f5c-915c-d367f8a53b59?v=d-1661183947 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 00:43:08 GMT
content-type: application/json
cache-control: max-age=31536000, public, s-maxage=31536000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-03T13:26:06+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
study-assistantph.com/
172.67.157.190200 OK 0 B IP 172.67.157.190:0
GET / HTTP/1.1
Host: study-assistantph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 00:43:07 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Sun, 06 Nov 2022 16:43:55 GMT
cf-cache-status: HIT
age: 28752
last-modified: Sat, 05 Nov 2022 16:43:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWnNt87HR6DOUsCr2QqmpuJmjqI3cJQiUZFQZL37sr1SBIS9rsGeKMWPj6G5jn%2Foo79KIHXlTWiNT291lHbDw7%2BPVzj%2Fotyb%2BTbqEmC9Ed47Y8WNIO65g%2BvQhRluXgnMpUxoe9ndpeU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7659cb0dae2bb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2