Overview

URL study-assistantph.com/
IP172.67.157.190
ASNCLOUDFLARENET
Location United States
Report completed2022-09-25 08:14:04 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-25 2 cdn.betgorebysson.club/apu.php?zoneid=4493436 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-25 2 fleraprt.com Sinkholed
2022-09-25 2 eehuzaih.com Sinkholed
2022-09-25 2 eehuzaih.com Sinkholed
2022-09-25 2 eehuzaih.com Sinkholed
2022-09-25 2 eehuzaih.com Sinkholed


Files

No files detected



Passive DNS (32)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-09-24 22:13:35 UTC 104.22.32.172
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-25 02:56:47 UTC 216.58.207.194
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-25 01:26:54 UTC 104.18.32.68
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-25 04:51:16 UTC 34.117.237.239
mnemonic passive DNS mc.yandex.ru (6) 2672 2017-01-29 05:34:36 UTC 2022-09-24 18:45:26 UTC 87.250.251.119
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-25 06:22:38 UTC 216.58.207.226
mnemonic passive DNS study-assistantph.com (2) 0 2021-01-28 05:59:35 UTC 2022-09-25 00:35:05 UTC 104.21.14.47 Unknown ranking
mnemonic passive DNS fastlane.rubiconproject.com (4) 459 2017-01-30 04:49:40 UTC 2022-09-24 05:14:57 UTC 213.19.162.41
mnemonic passive DNS tpc.googlesyndication.com (2) 126 2015-02-20 14:12:31 UTC 2022-09-25 05:00:42 UTC 142.250.74.33
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.77.32
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-25 05:23:09 UTC 104.18.21.226
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-25 04:50:39 UTC 216.58.211.2
mnemonic passive DNS 145a5ad73c368c66fc91d69920dbebc3.safeframe.googlesyndication.com (1) 0 No data No data 142.250.74.65 Domain (googlesyndication.com) ranked at: 1586
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-25 00:29:21 UTC 142.250.74.10
mnemonic passive DNS study-assistantph.com (2) 0 2021-01-28 05:59:35 UTC 2022-09-25 00:35:05 UTC 172.67.157.190 Unknown ranking
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-24 23:36:55 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-24 08:04:49 UTC 139.45.195.8
mnemonic passive DNS securepubads.g.doubleclick.net (2) 190 2013-05-31 04:19:39 UTC 2022-09-25 00:00:34 UTC 216.58.207.194
mnemonic passive DNS worker.sttsmntz.ru (4) 0 2022-07-28 17:31:37 UTC 2022-09-24 12:57:10 UTC 158.160.4.42 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-25 04:49:39 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS loulouly.net (6) 526023 2020-12-16 03:00:28 UTC 2022-09-25 00:48:22 UTC 139.45.197.250
mnemonic passive DNS cdn.betgorebysson.club (1) 149925 2020-07-24 15:19:13 UTC 2022-09-25 08:01:19 UTC 139.45.195.8
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-25 02:53:14 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-09-25 05:48:33 UTC 143.204.55.35
mnemonic passive DNS cdn.dmtgvn.com (8) 93672 2021-08-12 17:41:42 UTC 2022-09-24 17:08:38 UTC 92.223.97.97
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-25 04:17:50 UTC 93.184.220.29
mnemonic passive DNS eehuzaih.com (4) 0 2022-02-21 11:12:25 UTC 2022-09-25 08:02:05 UTC 139.45.197.237 Unknown ranking
mnemonic passive DNS ib.adnxs.com (4) 241 2012-05-23 22:36:14 UTC 2022-09-25 04:49:17 UTC 185.89.210.90
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-25 04:51:02 UTC 142.250.74.164
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 34.160.144.191


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.157.190

Date UQ / IDS / BL URL IP
2022-11-05 16:44:05 +0000
0 - 0 - 6 study-assistantph.com/ 172.67.157.190
2022-10-04 10:38:07 +0000
0 - 0 - 2 blueicetraders.com/oiro/teumr 172.67.157.190
2022-10-04 10:37:07 +0000
0 - 0 - 2 blueicetraders.com/oiro/iueqst 172.67.157.190
2022-10-03 02:24:24 +0000
0 - 0 - 2 blueicetraders.com/oiro/smsnudei 172.67.157.190
2022-10-03 02:20:33 +0000
0 - 0 - 2 blueicetraders.com/oiro/teumr 172.67.157.190

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-08 19:00:09 +0000
0 - 0 - 17 is.gd/Takarek 104.25.234.53
2022-12-08 19:00:03 +0000
0 - 0 - 2 www.cordewnew.one/go/ff7a8db1-544e-43f4-a395- (...) 188.114.96.1
2022-12-08 18:58:15 +0000
0 - 0 - 0 www.17track.net/en 172.66.40.15
2022-12-08 18:57:32 +0000
0 - 0 - 3 cba-helpcentre.info/a1b2c3/a3108610565f3046e8 (...) 104.21.33.36
2022-12-08 18:56:36 +0000
0 - 0 - 2 cba-australia.support/a1b2c3/f0fbea4f791ac2f6 (...) 172.67.172.131

Last 5 reports on domain: study-assistantph.com

Date UQ / IDS / BL URL IP
2022-11-06 00:43:18 +0000
0 - 0 - 4 study-assistantph.com/ 104.21.14.47
2022-11-05 16:44:05 +0000
0 - 0 - 6 study-assistantph.com/ 172.67.157.190
2022-10-02 16:38:36 +0000
0 - 0 - 5 study-assistantph.com/ 172.67.157.190
2022-09-25 08:14:04 +0000
0 - 0 - 6 study-assistantph.com/ 172.67.157.190
2022-09-20 00:05:16 +0000
0 - 0 - 2 study-assistantph.com/ 104.21.14.47

No other reports with similar screenshot



JavaScript

Executed Scripts (29)


Executed Evals (108)

#1 JavaScript::Eval (size: 238, repeated: 1) - SHA256: f25953bb8ca29fc13cca5856ed2a6ca2deea5864ea2cdde0f8ea2acc7e01cc6d

                                        0, Nu = function(Y, G, R, g, M, X, D, H, A, q) {
    for (A = M[3] | (H = 0, 0), q = M[2] | 0; 14 > H; H++) g = g >>> D | g << G, g += R | 0, R = R << 3 | R >>> 29, A = A >>> D | A << G, g ^= q + Y, A += q | 0, A ^= H + Y, q = q << 3 | q >>> 29, R ^= g, q ^= A;
    return [R >>> G & X, R >>> 16 & X, R >>> D & X, R >>> 0 & X, g >>> G & X, g >>> 16 & X, g >>> D & X, g >>> 0 & X]
}
                                    

#2 JavaScript::Eval (size: 53, repeated: 1) - SHA256: e55373fba252ef862e1b120083b2f45c0d7907020bb016b2d8cdb5deeecd77aa

                                        0, V = function(Y, G, R) {
    return R.j ? YD(R, R.V) : ob(Y, G, R, Y)
}
                                    

#3 JavaScript::Eval (size: 81, repeated: 1) - SHA256: 5eeaf1186f0e2b16f9cf0e877f40306924c74970c6b7ecc46e456697ffd5cef7

                                        (() => {
    const a = async
    function name() {};
    window['0wi8gmih7y7q'] = true;
})()
                                    

#4 JavaScript::Eval (size: 38176, repeated: 1) - SHA256: 3084b25a57bec3d2523c0e93795865fa10a7cbd820c400fbb457d31ab6557564

                                        //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==
(function() {
    var J = function(Y, G, R, g, M) {
            return (Y | ((Y | 4) >> 4 || (G.j ? M = YD(G, G.V) : (g = ob(8, true, G, 8), g & 128 && (g ^= 128, R = ob(8, true, G, 2), g = (g << 2) + (R | 0)), M = g)), 8)) == Y && (g = Rb[G.F](G.YW), g[G.F] = function() {
                return R
            }, g.concat = function(X) {
                R = X
            }, M = g), M
        },
        d = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
            if ((R & 70) == (2 == ((R ^ 70) & 7) && (m = (D = G[Y] << 24 | G[(Y | 0) + 1] << 16, X = G[-2 * ~Y + (~Y ^ 2) + g * (~Y & 2) + (Y | -3)] << M, -~D + (D ^ X) + (~D | X)) | G[-4 * ~(Y & g) + -8 + g * (Y ^ g) + 2 * (~Y | g)]), R))
                if (X = "array" === GQ("object", "number", Y) ? Y : [Y], this.A) g(this.A);
                else try {
                    D = !this.L.length, G = [], U(0, [Xq, G, X], this, 3), U(0, [gx, g, G], this, 6), M && !D || M$(true, M, true, false, this)
                } catch (v) {
                    z("~", 35, 0, v, this), g(this.A)
                }
                return ((R ^ 21) & 5 || (m = a = function() {
                    if (D.h == D) {
                        if (D.O) {
                            var v = [Ag, G, X, void 0, H, A, arguments];
                            if (Y == g) var e = M$(true, false, (U(0, v, D, 11), false), false, D);
                            else if (Y == M) {
                                var B = !D.L.length;
                                U(0, v, D, 18), B && M$(true, false, false, false, D)
                            } else e = $D(424, v, 29, D);
                            return e
                        }
                        H && A && H.removeEventListener(A, a, q$)
                    }
                }), R ^ 47) >> 4 || (A = G & M, H = SX, D = [-3, -76, -36, 8, -24, -56, D, 27, 67, -33], S = Rb[X.F](X.Hp), S[X.F] = function(v) {
                    A = (q = (A += 6 + M * G, v), -1 - ~A) - (A & -8)
                }, S.concat = function(v, e, B, N) {
                    return (v = (q = (e = -(B = Y % 16 + 1, B) * q - 108 * Y * Y * q + D[A + 11 & M] * Y * B + 3 * Y * Y * B + A + 36 * q * q - -2736 * Y * q + (H() | 0) * B - 252 * q, void 0), D[e]), D[(N = A + 53, -1 - ~N + (~N ^ M) - (N | -8)) + (g * (G | g) - -2 + ~(G | g) + (~G ^ g))] = v, D)[A + (G & g)] = -76, v
                }, m = S), m
        },
        Q = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
            if (1 == (Y >> 1 & 7))
                if (D = M.C.U[String(g)]) {
                    for (H = !(q = (D = D.concat(), 0), 0); q < D.length; ++q)(A = D[q]) && !A.H && A.capture == X && (a = A.hb || A.src, S = A.listener, A.Y && ab(7, 3, G, A, M.C), H = false !== S.call(a, R) && H);
                    m = H && !R.defaultPrevented
                } else m = true;
            if ((Y - 5 ^ 26) >= Y && (Y - 3 | 34) < Y)
                for (D in X = G, g.U) {
                    for (M = (H = g.U[D], G); M < H.length; M++) ++X, h(32, H[M], R);
                    delete(g.T--, g).U[D]
                }
            return 3 == ((((Y + 9 & 60) < Y && (Y - 3 ^ 25) >= Y && (this.W = k.document || document), Y) ^ 17) >> 4 || ("function" === typeof G ? m = G : (G[mE] || (G[mE] = function(v) {
                return G.handleEvent(v)
            }), m = G[mE])), (Y ^ 50) & 7) && (X = U(G, g, R, 32), (M = 0 <= X) && Array.prototype.splice.call(R, X, G), m = M), m
        },
        jX = function(Y, G, R, g, M, X, D, H, A) {
            if (((14 > (G << 2 & 16) && 28 <= G >> 1 && (this.h = R), 4) == G - 9 >> 4 && (A = function() {}, M = void 0, X = Jg(R, function(q) {
                    A && (g && vD(g), M = q, A(), A = void 0)
                }, !!g)[0], H = {
                    invoke: function(q, S, a, m, v) {
                        function e() {
                            M(function(B) {
                                vD(function() {
                                    q(B)
                                })
                            }, a)
                        }
                        if (!S) return m = X(a), q && q(m), m;
                        M ? e() : (v = A, A = function() {
                            v(), vD(e)
                        })
                    }
                }), 2) == (G >> 1 & Y))
                if (X = g.length, X > R) {
                    for (M = (D = Array(X), R); M < X; M++) D[M] = g[M];
                    H = D
                } else H = [];
            return H
        },
        UD = function(Y, G, R, g, M, X, D, H, A) {
            return (((G + 5 & 74) >= G && (G + 4 ^ 8) < G && (R.H ? X = true : (D = new u(g, this), M = R.listener, H = R.hb || R.src, R.Y && b(null, 28, "on", 1, R), X = M.call(H, D)), A = X), G | 24) == G && (R.az = function() {
                return R.Pp ? R.Pp : R.Pp = new R
            }, R.Pp = void 0), 5 > (G ^ Y) && 0 <= (G ^ 5) >> 4) && (X = g, X = (D = X << 13, (X | D) - 2 * (X & D) - ~X + (~X | D)), X ^= X >> 17, X = (H = X << 5, ~(X & H) - 2 * ~X + ~(X | H) + 2 * (~X & H)), (X &= M) || (X = 1), A = R ^ X), A
        },
        zQ = function(Y, G, R, g, M, X, D, H, A, q, S) {
            if (18 > (g ^ 2) && 3 <= ((g ^ 60) & 7))
                if (G.classList) Array.prototype.forEach.call(R, function(a, m) {
                    G.classList ? G.classList.add(a) : eX(63, 26, 0, Y, a, G) || (m = b(null, 64, Y, "", G), h(25, G, Y, m + (0 < m.length ? " " + a : a)))
                });
                else {
                    for (X in M = (((D = {}, Array).prototype.forEach.call(T(5, Y, G), function(a) {
                            D[a] = true
                        }), Array.prototype).forEach.call(R, function(a) {
                            D[a] = true
                        }), ""), D) M += 0 < M.length ? " " + X : X;
                    h(26, G, Y, M)
                }
            if (2 == g + 5 >> 3) {
                for (H = X = 0; H < G.length; H++) X += G.charCodeAt(H), X += X << 10, X ^= X >> 6;
                S = (A = new Number((q = (X += X << 3, X ^= X >> 11, X + (X << 15)) >>> 0, q & (D = 1 << R, -~(D & 1) + -4 - ~(D | 1)))), A[0] = (q >>> R) % M, A)
            }
            return g + 9 & 13 || (S = Rb[R](Rb.prototype, {
                console: G,
                stack: G,
                pop: G,
                floor: G,
                propertyIsEnumerable: G,
                document: G,
                length: G,
                call: G,
                prototype: G,
                parent: G,
                splice: G,
                replace: G
            })), S
        },
        b = function(Y, G, R, g, M, X, D, H, A, q) {
            if (1 == ((G - 5 | 20) >= G && (G - 1 ^ 28) < G && (q = (X = L[R.substring(0, 3) + "_"]) ? X(R.substring(3), g, M) : dx(16, g, 3, R)), G - 2 & 11))
                for (H = X.length, A = "string" === typeof X ? X.split(g) : X, D = R; D < H; D++) D in A && M.call(void 0, A[D], D, X);
            return ((G & 60) == G && "number" !== typeof M && M && !M.H && ((X = M.src) && X[iM] ? ab(7, 18, g, M, X.C) : (D = M.proxy, H = M.type, X.removeEventListener ? X.removeEventListener(H, D, M.capture) : X.detachEvent ? X.detachEvent(dx(16, H, 18, R), D) : X.addListener && X.removeListener && X.removeListener(D), N$--, (A = T(72, X)) ? (ab(7, 19, g, M, A), 0 == A.T && (A.src = Y, X[xD] = Y)) : h(56, M, true))), G << 1 & 15) || (q = typeof M.className == R ? M.className : M.getAttribute && M.getAttribute("class") || g), q
        },
        h = function(Y, G, R, g, M, X, D, H) {
            return (Y - 2 ^ (Y << (4 == (3 == ((Y | 88) == Y && (X = typeof M, D = X != G ? X : M ? Array.isArray(M) ? "array" : X : "null", H = D == R || D == G && typeof M.length == g), (Y | 3) >> 3) && (typeof G.className == R ? G.className = g : G.setAttribute && G.setAttribute("class", g)), Y - 9 & 14) && (H = !!(g = G.X, -~(g & R) + (g & ~R) + (~g | R))), 1) & 15 || (G.H = R, G.listener = null, G.proxy = null, G.src = null, G.hb = null), 3)) < Y && (Y + 7 & 26) >= Y && (this.type = R, this.currentTarget = this.target = G, this.defaultPrevented = this.l = false), H
        },
        kD = function(Y, G, R, g, M, X, D, H) {
            if (g - 9 << 1 >= (1 == (g >> 2 & 7) && (M = V(Y, R, G), -~(M & 128) - -1 + 2 * (M ^ 128) + 2 * (~M ^ 128) && (M = (M | 0) + 127 - (M | 127) | V(Y, R, G) << 7), H = M), g) && (g - 1 | 16) < g) {
                for (X = (D = J(3, G), 0); 0 < M; M--) X = X << Y | V(Y, R, G);
                p(G, D, X)
            }
            return H
        },
        T = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
            if (2 == (1 == (Y ^ 70) >> 3 && (R = G[xD], m = R instanceof f ? R : null), Y << 1 & 15)) {
                if ((X.h = (A = (D = (S = (R || X.r7++, 0) < X.ZV && X.U6 && X.cp && 1 >= X.p4 && !X.j && !X.R && (!R || 1 < X.yH - M) && 0 == document.hidden, (q = X.r7 == G) || S) ? X.G() : X.D, H = D - X.D, H) >> 14, X.g && (X.g ^= A * (H << 2)), X.zl += A, A || X.h), q) || S) X.r7 = 0, X.D = D;
                !S || D - X.S < X.ZV - (g ? 255 : R ? 5 : 2) ? m = false : (X.yH = M, a = Z(X, R ? 223 : 166), p(X, 166, X.s), X.L.push([Q1, a, R ? M + 1 : M]), X.R = vD, m = true)
            }
            return ((Y | 56) == Y && (sD.call(this), this.C = new f(this), this.w7 = this, this.tb = null), Y + 4 >> 4) || (m = R.classList ? R.classList : b(null, 72, G, "", R).match(/\S+/g) || []), m
        },
        nz = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
            if (!(Y << 1 & 7))
                if (Array.isArray(H))
                    for (a = R; a < H.length; a++) nz(12, null, 0, g, M, X, D, H[a]);
                else S = O(20, G, M) ? !!M.capture : !!M, X = Q(21, X), D && D[iM] ? D.C.remove(String(H), X, S, g) : D && (q = T(74, D)) && (A = q.jv(g, H, S, X)) && b(null, 12, "on", 1, A);
            return Y + 4 >> 4 || (this.src = G, this.T = 0, this.U = {}), m
        },
        O = function(Y, G, R, g, M, X, D, H, A) {
            if (4 == (Y - 3 & 15)) a: {
                for (H = G; H < M.length; ++H)
                    if (D = M[H], !D.H && D.listener == X && D.capture == !!g && D.hb == R) {
                        A = H;
                        break a
                    }
                A = -1
            }
            if ((Y | (Y << 2 & 13 || (g = typeof R, A = "object" == g && R != G || "function" == g), 56)) == Y && (A = Math.floor(this.G())), !(Y + 3 >> 4)) {
                if (!R) throw Error("Invalid class name " + R);
                if ("function" !== typeof G) throw Error("Invalid decorator function " + G);
            }
            return A
        },
        ab = function(Y, G, R, g, M, X, D, H, A, q, S) {
            if (1 == (G - Y & Y))
                if (Array.isArray(D))
                    for (q = R; q < D.length; q++) ab(7, 16, 0, g, null, X, D[q], H, A);
                else A = Q(16, A), g && g[iM] ? g.C.add(String(D), A, true, O(40, M, X) ? !!X.capture : !!X, H) : y(9, false, g, null, D, X, A, H, true);
            return 1 == (G >> 1 & Y) && (X = g.type, X in M.U && Q(57, R, M.U[X], g) && (h(40, g, true), 0 == M.U[X].length && (delete M.U[X], M.T--))), S
        },
        dx = function(Y, G, R, g, M) {
            return (2 == ((R | ((R ^ Y) & 6 || G.L4 && G.L4.forEach(g, void 0), 4)) & 3) && (M = G in uM ? uM[G] : uM[G] = g + G), 2) <= (R + 9 & 7) && 2 > (R >> 2 & 4) && (G(function(X) {
                X(g)
            }), M = [function() {
                return g
            }]), M
        },
        Cz = function(Y, G, R, g, M, X, D) {
            return (19 <= R - 2 && 2 > (R << Y & 8) && (D = !!(X = M.pK, (X | 0) - G * ~(X & g) + G * ~X + (X & ~g))), R - 9 << Y) < R && (R + 6 & 30) >= R && c.call(this, G, g || W.az(), M), D
        },
        TQ = function(Y, G, R, g, M, X, D, H, A) {
            if (-86 <= G << 1 && 2 > (G >> 1 & 12)) {
                if (g = window.btoa) {
                    for (M = (D = "", 0); M < R.length; M += 8192) D += String.fromCharCode.apply(null, R.slice(M, M + 8192));
                    X = g(D).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
                } else X = void 0;
                H = X
            }
            return ((G | (2 == G - 3 >> 3 && (H = R && R.parentNode ? R.parentNode.removeChild(R) : null), Y)) == G && (H = R), 12 <= G + 3) && 17 > (G ^ 46) && (A = function(q) {
                return R.call(A.src, A.listener, q)
            }, R = bM, H = A), H
        },
        eX = function(Y, G, R, g, M, X, D, H, A) {
            return (((G & 60) == (G << 1 & (3 == G - 2 >> 3 && (X.classList ? D = X.classList.contains(M) : (H = T(7, g, X), D = U(1, M, H, 33) >= R), A = D), 13) || (this.listener = R, this.proxy = null, this.src = M, this.type = g, this.capture = !!X, this.hb = D, this.key = ++Lz, this.Y = this.H = false), G) && (D.classList ? D.classList.remove(X) : eX(63, 27, M, g, X, D) && h(28, D, g, Array.prototype.filter.call(T(6, g, D), function(q) {
                return q != X
            }).join(R))), G) + 7 & Y) < G && (G - 6 | 19) >= G && (this.C4 = this.C4), A
        },
        r = function(Y, G, R, g, M, X, D, H, A, q, S) {
            if (5 <= (R + 7 & 15) && 8 > ((R ^ 47) & 8))
                if (D && D.once) ab(7, 8, Y, X, g, D, M, H, G);
                else if (Array.isArray(M))
                for (A = Y; A < M.length; A++) r(0, G, 30, null, M[A], X, D, H);
            else G = Q(20, G), X && X[iM] ? X.C.add(String(M), G, false, O(28, g, D) ? !!D.capture : !!D, H) : y(8, false, X, null, M, D, G, H, false);
            if (!((R ^ 67) & 14)) a: {
                switch (D) {
                    case 1:
                        S = X ? "disable" : "enable";
                        break a;
                    case 2:
                        S = X ? "highlight" : "unhighlight";
                        break a;
                    case g:
                        S = X ? "activate" : "deactivate";
                        break a;
                    case G:
                        S = X ? "select" : "unselect";
                        break a;
                    case M:
                        S = X ? "check" : "uncheck";
                        break a;
                    case Y:
                        S = X ? "focus" : "blur";
                        break a;
                    case 64:
                        S = X ? "open" : "close";
                        break a
                }
                throw Error("Invalid component state");
            }
            if (!((R | 64) == R && (q = function() {}, q.prototype = G.prototype, Y.u = G.prototype, Y.prototype = new q, Y.prototype.constructor = Y, Y.GV = function(a, m, v) {
                    for (var e = Array(arguments.length - g), B = g; B < arguments.length; B++) e[B - g] = arguments[B];
                    return G.prototype[m].apply(a, e)
                }), (R | 1) >> 4)) {
                if (!(V1.call(this, G), D = Y)) {
                    for (H = this.constructor; H;) {
                        if (X = pz(1, H, 10), A = ED[X]) break;
                        H = (M = Object.getPrototypeOf(H.prototype)) && M.constructor
                    }
                    D = A ? "function" === typeof A.az ? A.az() : new A : null
                }
                this.v = D
            }
            return S
        },
        Ib = function(Y, G, R, g, M, X, D, H, A) {
            if (2 == (R ^ 30) >> (2 == ((R ^ 49) & 15) && (fz.call(this), G || Z$ || (Z$ = new Fq), this.L4 = null, this.ln = false, this.Iz = this.K4 = this.Ab = null, this.VH = void 0, this.O6 = null), 3)) a: {
                for (D in M)
                    if (X.call(void 0, M[D], D, M)) {
                        A = g;
                        break a
                    }
                A = G
            }
            if ((R - 7 | 51) >= R && (R + 5 & 62) < R) {
                for (X = (H = D = 0, []); H < G.length; H++)
                    for (M = M << g | G[H], D += g; 7 < D;) D -= 8, X.push(M >> D & 255);
                A = X
            }
            return R + 9 & 14 || (A = Cz(1, 2, 26, X, g) && h(62, g, X) != M && (!(D = g.hm, (D | X) - -1 - (~D & X) + (~D | X)) || g.dispatchEvent(r(Y, G, 18, 4, 16, M, X))) && !g.C4), A
        },
        U = function(Y, G, R, g, M, X) {
            if (!(g >> (25 > g - 3 && 6 <= ((g | 5) & 7) && R.L.splice(Y, Y, G), 1) & 7)) a: if ("string" === typeof R) X = "string" !== typeof G || G.length != Y ? -1 : R.indexOf(G, 0);
                else {
                    for (M = 0; M < R.length; M++)
                        if (M in R && R[M] === G) {
                            X = M;
                            break a
                        }
                    X = -1
                }
            return X
        },
        z = function(Y, G, R, g, M, X, D, H) {
            return (2 == G - 9 >> (G << 2 & ((G & 109) == G && (R.classList ? Array.prototype.forEach.call(g, function(A) {
                eX(63, 12, " ", "string", 0, A, R)
            }) : h(27, R, "string", Array.prototype.filter.call(T(3, "string", R), function(A) {
                return !(0 <= U(1, A, g, 16))
            }).join(" "))), 15) || (OD.call(this, R ? R.type : ""), this.relatedTarget = this.currentTarget = this.target = null, this.button = this.screenY = this.screenX = this.clientY = this.clientX = this.offsetY = this.offsetX = 0, this.key = "", this.charCode = this.keyCode = 0, this.metaKey = this.shiftKey = this.altKey = this.ctrlKey = false, this.state = null, this.pointerId = 0, this.pointerType = "", this.i = null, R && (M = this.type = R.type, D = R.changedTouches && R.changedTouches.length ? R.changedTouches[0] : null, this.target = R.target || R.srcElement, this.currentTarget = g, X = R.relatedTarget, X || ("mouseover" == M ? X = R.fromElement : "mouseout" == M && (X = R.toElement)), this.relatedTarget = X, D ? (this.clientX = void 0 !== D.clientX ? D.clientX : D.pageX, this.clientY = void 0 !== D.clientY ? D.clientY : D.pageY, this.screenX = D.screenX || 0, this.screenY = D.screenY || 0) : (this.offsetX = R.offsetX, this.offsetY = R.offsetY, this.clientX = void 0 !== R.clientX ? R.clientX : R.pageX, this.clientY = void 0 !== R.clientY ? R.clientY : R.pageY, this.screenX = R.screenX || 0, this.screenY = R.screenY || 0), this.button = R.button, this.keyCode = R.keyCode || 0, this.key = R.key || "", this.charCode = R.charCode || ("keypress" == M ? R.keyCode : 0), this.ctrlKey = R.ctrlKey, this.altKey = R.altKey, this.shiftKey = R.shiftKey, this.metaKey = R.metaKey, this.pointerId = R.pointerId || 0, this.pointerType = "string" === typeof R.pointerType ? R.pointerType : lM[R.pointerType] || "", this.state = R.state, this.i = R, R.defaultPrevented && u.u.preventDefault.call(this))), 3) && (H = Math.floor(this.n4 + (this.G() - this.S))), (G & 99) == G) && (M.A = ((M.A ? M.A + Y : "E:") + g.message + ":" + g.stack).slice(R, 2048)), H
        },
        pz = function(Y, G, R, g, M, X, D, H, A, q, S) {
            return 2 == (R << Y & (2 == (R + 7 & ((R | 8) == R && (S = Object.prototype.hasOwnProperty.call(G, y1) && G[y1] || (G[y1] = ++WD)), 6)) && (g.QH(function(a) {
                X = a
            }, G, M), S = X), 7)) && (Array.isArray(X) && (X = X.join(" ")), q = "aria-" + D, "" === X || void 0 == X ? (rx || (H = {}, rx = (H.atomic = false, H.autocomplete = G, H.dropeffect = G, H.haspopup = false, H.live = "off", H.multiline = false, H.multiselectable = false, H.orientation = "vertical", H.readonly = false, H.relevant = "additions text", H.required = false, H.sort = G, H[g] = false, H.disabled = false, H.hidden = false, H.invalid = "false", H)), A = rx, D in A ? M.setAttribute(q, A[D]) : M.removeAttribute(q)) : M.setAttribute(q, X)), S
        },
        y = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v) {
            if ((Y | (Y - 2 & 3 || (p(g, G, R), R[tg] = 2796), 8)) == Y) {
                if (!M) throw Error("Invalid event type");
                if (m = (a = O(24, ((q = T(75, R)) || (R[xD] = q = new f(R)), g), X) ? !!X.capture : !!X, q.add(M, D, A, a, H)), !m.proxy) {
                    if (((S = TQ(72, 40), m.proxy = S, S).src = R, S.listener = m, R).addEventListener) Kz || (X = a), void 0 === X && (X = G), R.addEventListener(M.toString(), S, X);
                    else if (R.attachEvent) R.attachEvent(dx(16, M.toString(), 22, "on"), S);
                    else if (R.addListener && R.removeListener) R.addListener(S);
                    else throw Error("addEventListener and attachEvent are unavailable.");
                    N$++
                }
            }
            return v
        },
        wx = function(Y, G, R, g, M) {
            if (3 == Y.length) {
                for (M = 0; 3 > M; M++) G[M] += Y[M];
                for (R = (g = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > R; R++) G[3](G, R % 3, g[R])
            }
        },
        Yu = function(Y, G) {
            for (var R, g, M = 1; M < arguments.length; M++) {
                for (g in R = arguments[M], R) Y[g] = R[g];
                for (var X = 0; X < PD.length; X++) g = PD[X], Object.prototype.hasOwnProperty.call(R, g) && (Y[g] = R[g])
            }
        },
        OD = function(Y, G) {
            return h.call(this, 3, G, Y)
        },
        or = function() {
            return b.call(this, null, 6)
        },
        DO = function(Y, G, R, g) {
            return jX.call(this, 7, 76, Y, G, R, g)
        },
        Rr = function(Y, G, R) {
            p(R, Y, ((R.qE.push(R.O.slice()), R.O)[Y] = void 0, G))
        },
        mS = function(Y, G, R, g, M, X) {
            for (g = (Y.YW = (Y.Hp = zQ("string", ((Y.Oo = Y[gx], Y.kl = Xu, Y).j2 = GJ, {get: function() {
                        return this.concat()
                    }
                }), Y.F, 23), Rb[Y.F](Y.Hp, {
                    value: {
                        value: {}
                    }
                })), 0), X = []; 128 > g; g++) X[g] = String.fromCharCode(g);
            M$(true, true, (U((U(0, (y(22, (y(6, 230, function(D, H, A, q, S) {
                for (q = (H = kD(8, D, (S = J(7, D), true), 6), A = [], 0); q < H; q++) A.push(V(8, true, D));
                p(D, S, A)
            }, (p(Y, (y(18, (y(6, (y(6, 52, function(D, H, A, q, S, a, m, v, e) {
                T(17, 4, true, false, H, D) || (m = At(true, 0, D.h, 2), e = m.X2, v = m.DV, S = m.Rz, a = m.o, A = a.length, q = 0 == A ? new e[S] : 1 == A ? new e[S](a[0]) : 2 == A ? new e[S](a[0], a[1]) : 3 == A ? new e[S](a[0], a[1], a[2]) : 4 == A ? new e[S](a[0], a[1], a[2], a[3]) : 2(), p(D, v, q))
            }, (y(34, 131, (y(6, 272, (y(22, (p(Y, 397, (y(38, (p(Y, 194, (y(6, (y(34, 99, ((y(18, 186, (new(p(Y, (p(((y(22, 443, (y((y(18, 214, function(D) {
                Mu(D, 4)
            }, (Y.uI = (y(22, (p(Y, (p(Y, 361, (Y.KK = (p((y(34, (y(18, 51, (p(Y, 482, (p(Y, 448, (p(Y, (y(18, (y(6, (y(34, 140, function(D) {
                HO(D, 1)
            }, (y(38, (y(38, 402, function(D, H, A, q, S) {
                (H = Z((S = 0 != (q = J(3, (A = J(6, D), D)), Z)(D, A), D), q), S) && p(D, 166, H)
            }, (y(38, (y(22, 139, function(D, H, A, q, S, a) {
                p(D, (A = Z(D, (a = Z(D, (S = (H = (q = J(5, D), J(3, D)), J(3, D)), q)), H)), S), +(a == A))
            }, (p(Y, (p(Y, 166, (Y.fK = (Y.h = (((Y.yH = 8001, Y).V = ((Y.N = [], Y).Gl = [], (Y.A = void 0, Y).g = void 0, Y.L = [], (Y.vp = (M = window.performance || {}, void 0), Y.p4 = 0, Y).n4 = (Y.qE = [], Y.g7 = (Y.O = [], 25), Y.NE = false, 0), void 0), Y).S = (Y.ev = function(D) {
                return jX.call(this, 7, 64, D)
            }, Y.F2 = [], Y.Z = void 0, 0), Y.zl = 1, Y.cp = (Y.s = 0, false), Y.U6 = (Y.j = (Y.ZV = (Y.r7 = void 0, 0), void 0), !(Y.PG = 0, 1)), Y.D = (Y.R = null, 0), Y), M.timeOrigin || (M.timing || {}).navigationStart) || 0, 0)), 223), 0), Y)), 115), function(D, H, A, q) {
                p((q = (H = (A = J(5, D), J)(5, D), J)(6, D), D), q, Z(D, A) || Z(D, H))
            }, Y), Y)), 328), function(D, H, A, q) {
                p(D, (H = J(3, (q = V(8, true, (A = J(6, D), D)), D)), H), Z(D, A) >>> q)
            }, Y), y(18, 253, function(D) {
                Mu(D, 3)
            }, Y), Y)), 170), function(D, H) {
                Rr(166, (H = Z(D, J(7, D)), H), D.h)
            }, Y), 5), function() {}, Y), 208), 0), [0, 0, 0])), [])), function(D, H, A, q) {
                if (A = D.qE.pop()) {
                    for (q = V(8, true, D); 0 < q; q--) H = J(7, D), A[H] = D.O[H];
                    (A[370] = (A[482] = D.O[482], D.O[370]), D).O = A
                } else p(D, 166, D.s)
            }), Y), 187), function(D) {
                HO(D, 4)
            }, Y), Y), 465, 0), 0), k)), 228), 394), 298), function(D) {
                kD(8, D, true, 18, 4)
            }, Y), 0), Y)), 34), 134, function(D, H, A, q, S, a, m, v) {
                S = Z(D, (A = Z((H = (a = J(6, (v = J(6, (m = J(5, (q = J(7, D), D)), D)), D)), Z(D, a)), D), m), v)), p(D, q, d(H, A, 7, 2, 1, S, D))
            }, Y), function(D, H, A, q, S) {
                p(D, (S = GQ("object", (H = Z(D, (A = J(3, (q = J(5, D), D)), q)), "number"), H), A), S)
            }), Y), y)(22, 282, function(D, H, A, q, S) {
                !T(49, 4, true, false, H, D) && (q = At(true, 0, D, 2), S = q.Rz, A = q.X2, D.h == D || S == D.ev && A == D) && (p(D, q.DV, S.apply(A, q.o)), D.D = D.G())
            }, Y), Y), 370, 2048), 309), []), $u)("Submit"), function(D, H, A, q, S, a) {
                p(D, (S = Z(D, (q = Z(D, (H = J(5, (A = J(3, (a = J(5, D), D)), D)), A)), a)), H), S in q | 0)
            }), Y), p)(Y, 29, {}), function(D, H, A) {
                (A = Z((H = J(6, D), D.h), H), A[0]).removeEventListener(A[1], A[2], q$)
            }), Y), 404), function(D, H, A, q, S, a, m, v, e, B) {
                0 !== (B = (m = Z(D, (q = (v = (e = J(6, (a = J(6, (S = (H = J(3, D), J(7, D)), D)), D)), Z)(D, a), Z(D.h, H)), e)), Z)(D, S), q) && (A = d(1, v, 5, 2, 1, m, D, q, B), q.addEventListener(B, A, q$), p(D, 208, [q, B, A]))
            }, Y), qu(4))), 14), function(D, H, A, q, S, a) {
                p(D, (S = (A = Z((q = J(6, (H = J((a = J(7, D), 3), D), D)), D), H), Z(D, a)), q), S[A])
            }, Y), Y)), 226), function(D, H, A, q, S, a, m) {
                for (A = (H = (S = Z(D, (m = (a = kD(8, D, true, (q = J(5, D), 7)), ""), 472)), S.length), 0); a--;) A = ((A | 0) + (kD(8, D, true, 5) | 0)) % H, m += X[S[A]];
                p(D, q, m)
            }, Y), function(D, H, A, q) {
                T(25, 4, true, false, H, D) || (q = J(5, D), A = J(6, D), p(D, A, function(S) {
                    return eval(S)
                }(gj(Z(D.h, q)))))
            }), Y), function(D, H, A) {
                p(D, (H = (A = J(6, D), J)(7, D), H), "" + Z(D, A))
            }), Y), Y)), 165), function(D, H, A, q, S) {
                p(D, (A = Z(D, (S = (H = J(6, (q = J(3, D), D)), Z)(D, H), q)), H), S + A)
            }, Y), 114), function(D, H, A, q, S, a, m, v, e, B, N, n, F, C) {
                if (!T(41, 4, true, true, H, D)) {
                    if ("object" == GQ("object", "number", (n = Z(D, (B = Z(D, (v = Z(D, (C = (q = J(6, (A = J(5, (a = J(7, (S = J(6, D), D)), D)), D)), Z(D, A)), a)), q)), S)), n))) {
                        for (e in m = [], n) m.push(e);
                        n = m
                    }
                    for (C = (F = n.length, N = 0, 0) < C ? C : 1; N < F; N += C) v(n.slice(N, 3 * (N & C) + ~(N & C) - (~N ^ C)), B)
                }
            }, Y), 417), [165, 0, 0]), Y)), Y.d6 = 0, 398), function(D, H, A, q, S, a) {
                (S = J(3, (H = J(5, (a = J(7, D), D)), D)), D.h) == D && (q = Z(D, H), A = Z(D, S), Z(D, a)[q] = A, 463 == a && (D.Z = void 0, 2 == q && (D.g = ob(8, false, D, 32), D.Z = void 0)))
            }, Y), y(34, 129, function(D, H, A, q, S, a, m, v, e, B, N, n, F, C, I, BD, HD) {
                function l(x, E) {
                    for (; F < x;) e |= V(8, true, D) << F, F += 8;
                    return e >>= (F -= x, E = e & (1 << x) - 1, x), E
                }
                for (S = (m = (a = (n = (F = (B = J(3, D), e = 0), N = l(3), ~N - 3 * ~(N | 1) + (N & -2) + 2 * (~N ^ 1)), l)(5), []), C = 0); C < a; C++) HD = l(1), m.push(HD), S += HD ? 0 : 1;
                for (v = (A = (BD = ((S | 0) - 1).toString(2).length, []), 0); v < a; v++) m[v] || (A[v] = l(BD));
                for (H = 0; H < a; H++) m[H] && (A[H] = J(5, D));
                for (q = [], I = n; I--;) q.push(Z(D, J(3, D)));
                y(38, B, function(x, E, D$, cD, hg) {
                    for (cD = (hg = (E = [], 0), []); hg < a; hg++) {
                        if (!(D$ = A[hg], m)[hg]) {
                            for (; D$ >= E.length;) E.push(J(3, x));
                            D$ = E[D$]
                        }
                        cD.push(D$)
                    }
                    x.V = J(24, x, (x.j = J(26, x, q.slice()), cD))
                }, D)
            }, Y), U(0, [tg], Y, 14), [SG, R]), Y, 10), 0), [ar, G], Y, 7), true), false, Y)
        },
        GQ = function(Y, G, R, g, M) {
            if ((M = typeof R, M) == Y)
                if (R) {
                    if (R instanceof Array) return "array";
                    if (R instanceof Object) return M;
                    if (g = Object.prototype.toString.call(R), "[object Window]" == g) return Y;
                    if ("[object Array]" == g || typeof R.length == G && "undefined" != typeof R.splice && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == g || "undefined" != typeof R.call && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == M && "undefined" == typeof R.call) return Y;
            return M
        },
        vO = function(Y, G, R, g, M) {
            if (g = (M = Y, k.trustedTypes), !g || !g.createPolicy) return M;
            try {
                M = g.createPolicy(G, {
                    createHTML: Jt,
                    createScript: Jt,
                    createScriptURL: Jt
                })
            } catch (X) {
                if (k.console) k.console[R](X.message)
            }
            return M
        },
        jG = function(Y, G) {
            return z.call(this, "~", 5, Y, G)
        },
        t = function(Y, G, R) {
            R = this;
            try {
                mS(this, Y, G)
            } catch (g) {
                z("~", 3, 0, g, this), Y(function(M) {
                    M(R.A)
                })
            }
        },
        Jt = function(Y) {
            return TQ.call(this, 72, 72, Y)
        },
        f = function(Y) {
            return nz.call(this, 3, Y)
        },
        Uj = function(Y, G, R, g, M, X, D, H, A, q) {
            for (R = (D = (g = (H = Y.replace(/\r\n/g, "\n"), 0), []), 0); g < H.length; g++) A = H.charCodeAt(g), 128 > A ? D[R++] = A : (A < G ? D[R++] = (X = A >> 6, -~(X | 192) + (X & -193) + (~X | 192)) : (55296 == (A | 64512) - ~A + -64513 - 2 * (A & -64513) && g + 1 < H.length && 56320 == (H.charCodeAt(g + 1) & 64512) ? (A = 65536 + (1023 - (~A & 1023) << 10) + (H.charCodeAt(++g) & 1023), D[R++] = A >> 18 | 240, D[R++] = (q = A >> 12, 63 - ~(q & 63) + -64) | 128) : D[R++] = A >> 12 | 224, D[R++] = A >> 6 & 63 | 128), D[R++] = (M = A & 63, 128 + ~(M & 128) - ~M));
            return D
        },
        eG = function(Y, G, R, g, M, X, D, H, A, q) {
            for (; g.L.length;) {
                A = (g.R = M, g.L.pop());
                try {
                    H = $D(X, A, Y, g)
                } catch (S) {
                    z("~", 34, 0, S, g)
                }
                if (G && g.R) {
                    q = g.R, q(function() {
                        M$(true, R, R, D, g)
                    });
                    break
                }
            }
            return H
        },
        c = function(Y, G, R, g, M, X, D, H) {
            return r.call(this, G, R, 5, Y, g, M, X, D, H)
        },
        $D = function(Y, G, R, g, M, X, D, H, A, q) {
            if ((X = G[0], X) == Xq) g.g7 = 25, g.I(G);
            else if (X == gx) {
                H = G[1];
                try {
                    A = g.A || g.I(G)
                } catch (S) {
                    z("~", 66, 0, S, g), A = g.A
                }
                H(A)
            } else if (X == Q1) g.I(G);
            else if (X == SG) g.I(G);
            else if (X == ar) {
                try {
                    for (M = 0; M < g.F2.length; M++) try {
                        q = g.F2[M], q[0][q[1]](q[2])
                    } catch (S) {}
                } catch (S) {}(0, G[1])(function(S, a) {
                    g.QH(S, true, a)
                }, (g.F2 = [], function(S) {
                    (U((S = !g.L.length, 0), [zJ], g, 15), S) && M$(true, true, false, false, g)
                }))
            } else {
                if (X == Ag) return D = G[2], p(g, Y, G[6]), p(g, R, D), g.I(G);
                X == zJ ? (g.O = null, g.Gl = [], g.N = []) : X == tg && "loading" === k.document.readyState && (g.R = function(S, a) {
                    function m() {
                        a || (a = true, S())
                    }
                    k.document.addEventListener((a = false, "DOMContentLoaded"), m, q$), k.addEventListener("load", m, q$)
                })
            }
        },
        dj = function(Y, G, R, g, M) {
            return eX.call(this, 63, 9, g, R, M, Y, G)
        },
        ih = function(Y, G, R, g, M, X, D, H) {
            if (!g.A) {
                g.p4++;
                try {
                    for (H = (M = void 0, X = g.s, 0); --G;) try {
                        if ((D = void 0, g).j) M = YD(g, g.j);
                        else {
                            if (H = Z(g, 166), H >= X) break;
                            M = (p(g, Y, H), D = J(5, g), Z(g, D))
                        }
                        T(33, 4, R, R, (M && M[zJ] & 2048 ? M(g, G) : BO([ht, 21, D], g, 0, 2048), G), g)
                    } catch (A) {
                        Z(g, 228) ? BO(A, g, 22, 2048) : p(g, 228, A)
                    }
                    if (!G) {
                        if (g.bn) {
                            ih(223, 383840374050, (g.p4--, false), g);
                            return
                        }
                        BO([ht, 33], g, 0, 2048)
                    }
                } catch (A) {
                    try {
                        BO(A, g, 22, 2048)
                    } catch (q) {
                        z("~", 67, 0, q, g)
                    }
                }
                g.p4--
            }
        },
        K = function(Y, G, R, g, M, X, D, H, A) {
            if (Y.h == Y)
                for (M = Z(Y, R), 194 == R ? (H = function(q, S, a, m, v, e) {
                        if (M.Sv != (m = ((e = M.length, e) ^ 4) + 2 * (~e ^ 4) - 2 * (~e | 4) >> 3, m)) {
                            S = (a = (m << 3) - 4, M.Sv = m, [0, 0, D[1], D[2]]);
                            try {
                                M.mZ = Nu(1419, 24, d(a, M, 12, 3, 8), d((a | 0) + 4, M, 20, 3, 8), S, 255, 8)
                            } catch (B) {
                                throw B;
                            }
                        }
                        M.push((v = M.mZ[e & 7], 1 + 2 * (v & ~q) - (~v ^ q) + 2 * (~v | q)))
                    }, D = Z(Y, 448)) : H = function(q) {
                        M.push(q)
                    }, g && H(~g - 2 * ~(g | 255) - (g ^ 255) + (g | -256)), X = G.length, A = 0; A < X; A++) H(G[A])
        },
        xu = function(Y, G, R, g, M, X, D, H) {
            try {
                H = Y[((G | 0) + 2) % 3], Y[G] = (X = (M = Y[G], g = Y[((G | 0) + 1) % 3], (M ^ g) - (~M ^ g) - 3 * (~M & g) + (~M | g)) - (H | 0), D = 1 == G ? H << R : H >>> R, (X | D) + ~X - (~X | D))
            } catch (A) {
                throw A;
            }
        },
        Nu = function(Y, G, R, g, M, X, D, H, A, q) {
            for (A = M[3] | (H = 0, 0), q = M[2] | 0; 14 > H; H++) g = g >>> D | g << G, g += R | 0, R = R << 3 | R >>> 29, A = A >>> D | A << G, g ^= q + Y, A += q | 0, A ^= H + Y, q = q << 3 | q >>> 29, R ^= g, q ^= A;
            return [R >>> G & X, R >>> 16 & X, R >>> D & X, R >>> 0 & X, g >>> G & X, g >>> 16 & X, g >>> D & X, g >>> 0 & X]
        },
        M$ = function(Y, G, R, g, M, X, D, H) {
            if (M.L.length) {
                M.cp = (M.U6 && 0(), M.U6 = Y, G);
                try {
                    X = M.G(), M.r7 = 0, M.S = X, M.D = X, D = eG(29, G, Y, M, null, 424, false), H = M.G() - M.S, M.n4 += H, H < (R ? 0 : 10) || 0 >= M.g7-- || (H = Math.floor(H), M.Gl.push(254 >= H ? H : 254))
                } finally {
                    M.U6 = g
                }
                return D
            }
        },
        w, At = function(Y, G, R, g, M, X, D, H, A, q) {
            for (H = J(5, (D = ((A = J((q = R[ku] || {}, 5), R), q.DV = J(3, R), q).o = [], R.h == R ? (X = V(8, Y, R), -4 * ~(X & 1) + ~X + -6 + g * (X ^ 1)) : 1), R)), M = G; M < D; M++) q.o.push(J(6, R));
            for (q.X2 = Z(R, H); D--;) q.o[D] = Z(R, q.o[D]);
            return q.Rz = Z(R, A), q
        },
        Fq = function() {
            return Q.call(this, 68)
        },
        Mu = function(Y, G, R, g, M, X, D) {
            K(((g = Z(Y, (D = J(7, (M = J(7, (X = -~(G & 4) - (~G ^ 4) + (G | -(R = (G | 0) - ~(G & 3) + ~G, 5)) + (~G | 4), Y)), Y)), M)), X) && (g = Uj("" + g, 2048)), R && K(Y, P(2, g.length), D), Y), g, D)
        },
        Qm = function() {
            return O.call(this, 15)
        },
        p = function(Y, G, R) {
            if (166 == G || 223 == G) Y.O[G] ? Y.O[G].concat(R) : Y.O[G] = J(25, Y, R);
            else {
                if (Y.NE && 463 != G) return;
                417 == G || 194 == G || 309 == G || 482 == G || 448 == G ? Y.O[G] || (Y.O[G] = d(G, 126, 32, 2, 7, Y, R)) : Y.O[G] = d(G, 153, 33, 2, 7, Y, R)
            }
            463 == G && (Y.g = ob(8, false, Y, 32), Y.Z = void 0)
        },
        YD = function(Y, G, R) {
            return (R = G.create().shift(), Y).j.create().length || Y.V.create().length || (Y.V = void 0, Y.j = void 0), R
        },
        sj = function(Y, G, R, g, M, X, D, H, A, q) {
            function S(a) {
                a && Y.appendChild("string" === typeof a ? R.createTextNode(a) : a)
            }
            for (q = G; q < X.length; q++)
                if (H = X[q], !h(89, "object", M, "number", H) || O(44, null, H) && 0 < H.nodeType) S(H);
                else {
                    a: {
                        if (H && "number" == typeof H.length) {
                            if (O(36, null, H)) {
                                A = "function" == typeof H.item || "string" == typeof H.item;
                                break a
                            }
                            if ("function" === typeof H) {
                                A = "function" == typeof H.item;
                                break a
                            }
                        }
                        A = g
                    }
                    b(null, 3, 0, D, S, A ? jX(7, 5, 0, H) : H)
                }
        },
        ob = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B, N) {
            if ((B = Z(R, 166), B) >= R.s) throw [ht, 31];
            for (H = (m = (N = (S = B, R.Oo.length), g), 0); 0 < m;) X = S % Y, D = Y - (X | 0), M = S >> 3, a = D < m ? D : m, A = R.N[M], G && (e = R, e.Z != S >> 6 && (e.Z = S >> 6, v = Z(e, 463), e.vp = Nu(1419, 24, e.g, e.Z, [0, 0, v[1], v[2]], 255, Y)), A ^= R.vp[M & N]), H |= (A >> Y - (X | 0) - (a | 0) & (1 << a) - 1) << (m | 0) - (a | 0), m -= a, S += a;
            return p(R, (q = H, 166), (B | 0) + (g | 0)), q
        },
        V1 = function(Y) {
            return Ib.call(this, 32, Y, 3)
        },
        bM = function(Y, G, R, g, M, X) {
            return UD.call(this, 52, 5, Y, G, R, g, M, X)
        },
        V = function(Y, G, R) {
            return R.j ? YD(R, R.V) : ob(Y, G, R, Y)
        },
        Z = function(Y, G, R) {
            if (void 0 === (R = Y.O[G], R)) throw [ht, 30, G];
            if (R.value) return R.create();
            return (R.create(3 * G * G + -76 * G + 7), R).prototype
        },
        nl = function(Y) {
            return TQ.call(this, 72, 19, Y)
        },
        $u = function(Y, G, R) {
            return Cz.call(this, 1, Y, 3, G, R)
        },
        k = this || self,
        P = function(Y, G, R, g) {
            for (R = (g = [], 2 * (Y & 1) + ~(Y & 1)) + ~(Y | 1) - 2 * (~Y | 1); 0 <= R; R--) g[(Y | 0) - 1 - (R | 0)] = G >> 8 * R & 255;
            return g
        },
        BO = function(Y, G, R, g, M, X, D, H, A, q) {
            if (!G.NE) {
                if (3 < (M = Z(G, (q = (0 == (X = Z(G, ((D = void 0, Y) && Y[0] === ht && (R = Y[1], D = Y[2], Y = void 0), 482)), X.length) && (A = Z(G, 223) >> 3, X.push(R, A >> 8 & 255, -255 - ~A - ~(A | 255) + 2 * (~A | 255)), void 0 != D && X.push(D & 255)), ""), Y && (Y.message && (q += Y.message), Y.stack && (q += ":" + Y.stack)), 370)), M)) {
                    G.h = (H = (q = (M -= ((q = q.slice(0, (M & -4) + (~M ^ 3) - (~M | 3)), q).length | 0) + 3, Uj)(q, g), G.h), G);
                    try {
                        K(G, P(2, q.length).concat(q), 194, 12)
                    } finally {
                        G.h = H
                    }
                }
                p(G, 370, M)
            }
        },
        uh = function(Y, G, R, g, M, X) {
            return Z((p(M, (ih(Y, (X = Z(M, 166), M.N && X < M.s ? (p(M, 166, M.s), Rr(166, G, M)) : p(M, 166, G), R), false, M), 166), X), M), g)
        },
        u = function(Y, G, R, g, M) {
            return z.call(this, "~", 16, Y, G, R, g, M)
        },
        Cl = function() {
            return jX.call(this, 7, 54)
        },
        fz = function() {
            return T.call(this, 56)
        },
        Jg = function(Y, G, R, g) {
            return b.call(this, null, 17, Y, G, R, g)
        },
        sD = function() {
            return eX.call(this, 63, 70)
        },
        HO = function(Y, G, R, g) {
            (R = J(7, (g = J(7, Y), Y)), K)(Y, P(G, Z(Y, g)), R)
        },
        bh = function(Y, G, R, g, M) {
            return zQ.call(this, "string", Y, G, 3, R, g, M)
        },
        W = function() {
            return jX.call(this, 7, 3)
        },
        qu = function(Y, G) {
            for (G = []; Y--;) G.push(255 * Math.random() | 0);
            return G
        },
        TJ = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B) {
            (G.push((A = (X = Y[0] << 24, H = Y[1] << 16, (H | 0) - 1 - (~X | H)), S = Y[2] << 8, (A & S) + ~(A & S) - ~(A | S)) | Y[3]), G).push((D = (M = Y[4] << 24, R = Y[5] << 16, (M & R) - ~(M & R) + ~(M | R) + 2 * (M ^ R)) | Y[6] << 8, m = Y[7], -~(D & m) + (D & ~m) + 2 * (~D & m) + (D | ~m))), G.push((a = (q = (B = Y[8] << 24, v = Y[9] << 16, (B | 0) + ~B - ~(B | v)), g = Y[10] << 8, (g | 0) - (q & ~g) - 2 * (~q ^ g) + 2 * (q | ~g)), e = Y[11], (a | 0) - (~a ^ e) + (~a | e)))
        },
        y1 = "closure_uid_" + (1E9 * Math.random() >>> 0),
        WD = 0,
        Z$, Kz = function(Y, G) {
            if (!k.addEventListener || !Object.defineProperty) return false;
            Y = Object.defineProperty({}, "passive", {get: (G = false, function() {
                    G = true
                })
            });
            try {
                k.addEventListener("test", function() {}, Y), k.removeEventListener("test", function() {}, Y)
            } catch (R) {}
            return G
        }(),
        lM = {
            2: ((OD.prototype.stopPropagation = function() {
                this.l = true
            }, sD.prototype).C4 = (OD.prototype.preventDefault = function() {
                this.defaultPrevented = true
            }, false), r(u, OD, 71, 2), "touch"),
            3: "pen",
            4: "mouse"
        },
        iM = "closure_listenable_" + (u.prototype.stopPropagation = function() {
            (u.u.stopPropagation.call(this), this.i).stopPropagation ? this.i.stopPropagation() : this.i.cancelBubble = true
        }, u.prototype.preventDefault = function(Y) {
            Y = (u.u.preventDefault.call(this), this).i, Y.preventDefault ? Y.preventDefault() : Y.returnValue = false
        }, 1E6 * Math.random() | 0),
        Lz = 0,
        PD = "constructor hasOwnProperty isPrototypeOf propertyIsEnumerable toLocaleString toString valueOf".split(" "),
        xD = "closure_lm_" + (1E6 * (f.prototype.add = function(Y, G, R, g, M, X, D, H, A) {
            return A = O(23, 0, (X = this.U[H = Y.toString(), H], X || (X = this.U[H] = [], this.T++), M), g, X, G), -1 < A ? (D = X[A], R || (D.Y = false)) : (D = new dj(!!g, M, H, G, this.src), D.Y = R, X.push(D)), D
        }, f.prototype.jv = (f.prototype.hasListener = function(Y, G, R, g, M) {
            return Ib(32, false, 9, true, (g = (R = (M = void 0 !== Y) ? Y.toString() : "", void 0) !== G, this.U), function(X, D) {
                for (D = 0; D < X.length; ++D)
                    if (!(M && X[D].type != R || g && X[D].capture != G)) return true;
                return false
            })
        }, function(Y, G, R, g, M, X) {
            return -(M = this.U[X = -1, G.toString()], M && (X = O(55, 0, Y, R, M, g)), 1) < X ? M[X] : null
        }), f.prototype.remove = function(Y, G, R, g, M, X, D) {
            if (D = Y.toString(), !(D in this.U)) return false;
            return -1 < (X = O(39, 0, (M = this.U[D], g), R, M, G), X) ? (h(48, M[X], true), Array.prototype.splice.call(M, X, 1), 0 == M.length && (delete this.U[D], this.T--), true) : false
        }, Math.random()) | 0),
        uM = {},
        N$ = 0,
        mE = "__closure_events_fn_" + (1E9 * Math.random() >>> 0);
    (((w = ((r(fz, sD, 64, 2), fz).prototype[iM] = true, fz).prototype, w).un = function(Y) {
        this.tb = Y
    }, w.addEventListener = function(Y, G, R, g) {
        r(0, G, 24, null, Y, this, R, g)
    }, w).removeEventListener = function(Y, G, R, g) {
        nz(16, null, 0, g, R, G, this, Y)
    }, w).dispatchEvent = function(Y, G, R, g, M, X, D, H, A, q, S) {
        if (g = this.tb)
            for (R = []; g; g = g.tb) R.push(g);
        if (S = (H = (M = (X = Y, (D = R, this).w7), X.type || X), "string" === typeof X ? X = new OD(X, M) : X instanceof OD ? X.target = X.target || M : (G = X, X = new OD(H, M), Yu(X, G)), true), D)
            for (A = D.length - 1; !X.l && 0 <= A; A--) q = X.currentTarget = D[A], S = Q(66, 1, X, H, q, true) && S;
        if (X.l || (q = X.currentTarget = M, S = Q(34, 1, X, H, q, true) && S, X.l || (S = Q(35, 1, X, H, q, false) && S)), D)
            for (A = 0; !X.l && A < D.length; A++) q = X.currentTarget = D[A], S = Q(3, 1, X, H, q, false) && S;
        return S
    }, w.jv = function(Y, G, R, g) {
        return this.C.jv(Y, String(G), R, g)
    }, w.hasListener = function(Y, G) {
        return this.C.hasListener(void 0 !== Y ? String(Y) : void 0, G)
    };
    var rx;
    ((w = (r(V1, (((UD(((((((w = Fq.prototype, w.B = function(Y) {
        return "string" === typeof Y ? this.W.getElementById(Y) : Y
    }, w).getElementsByTagName = function(Y, G) {
        return (G || this.W).getElementsByTagName(String(Y))
    }, w.createElement = function(Y, G, R) {
        return (R = String((G = this.W, Y)), "application/xhtml+xml" === G.contentType) && (R = R.toLowerCase()), G.createElement(R)
    }, w).createTextNode = function(Y) {
        return this.W.createTextNode(String(Y))
    }, w).appendChild = function(Y, G) {
        Y.appendChild(G)
    }, w.append = function(Y, G) {
        sj(Y, 1, 9 == Y.nodeType ? Y : Y.ownerDocument || Y.document, false, "array", arguments, "")
    }, w.canHaveChildren = function(Y) {
        if (1 != Y.nodeType) return false;
        switch (Y.tagName) {
            case "APPLET":
            case "AREA":
            case "BASE":
            case "BR":
            case "COL":
            case "COMMAND":
            case "EMBED":
            case "FRAME":
            case "HR":
            case "IMG":
            case "INPUT":
            case "IFRAME":
            case "ISINDEX":
            case "KEYGEN":
            case "LINK":
            case "NOFRAMES":
            case "NOSCRIPT":
            case "META":
            case "OBJECT":
            case "PARAM":
            case "SCRIPT":
            case "SOURCE":
            case "STYLE":
            case "TRACK":
            case "WBR":
                return false
        }
        return true
    }, w).removeNode = nl, w).contains = function(Y, G, R) {
        if (!Y || !G) return false;
        if (Y.contains && 1 == G.nodeType) return Y == G || Y.contains(G);
        if ("undefined" != typeof Y.compareDocumentPosition) return Y == G || !!(R = Y.compareDocumentPosition(G), -1 - ~(R | 16) - (R ^ 16));
        for (; G && Y != G;) G = G.parentNode;
        return G == Y
    }, 52), 24, or), or).prototype.ad = 0, or.prototype).E6 = "", fz), 70, 2), V1.prototype), w.Wp = or.az(), w.B = function() {
        return this.K4
    }, w.getParent = function() {
        return this.O6
    }, w).un = function(Y) {
        if (this.O6 && this.O6 != Y) throw Error("Method not supported");
        V1.u.un.call(this, Y)
    }, w).f4 = function() {
        ((dx(16, this, 8, function(Y) {
            Y.ln && Y.f4()
        }), this.VH) && Q(37, 0, true, this.VH), this).ln = false
    }, w.removeChild = function(Y, G, R, g, M, X, D, H, A, q, S, a) {
        if (Y && ("string" === typeof Y ? D = Y : ((S = Y.Iz) || (R = Y.Wp, A = Y, g = R.E6 + ":" + (R.ad++).toString(36), S = A.Iz = g), D = S), a = D, this.Ab && a ? (q = this.Ab, X = (null !== q && a in q ? q[a] : void 0) || null) : X = null, Y = X, a && Y)) {
            if (null == (Q(9, (H = this.Ab, a in H && delete H[a], 1), this.L4, Y), G && (Y.f4(), Y.K4 && nl(Y.K4)), M = Y, M)) throw Error("Unable to set parent component");
            M.O6 = null, V1.u.un.call(M, null)
        }
        if (!Y) throw Error("Child is not in parent component");
        return Y
    };
    var Ll, Vm = {
            button: "pressed",
            checkbox: "checked",
            menuitem: (((w = (UD(52, 25, Cl), Cl.prototype), w.kW = function(Y) {
                return Y.B()
            }, w).xW = function(Y, G, R, g, M, X, D) {
                D = (Ll || (Ll = {
                    1: "disabled",
                    8: "selected",
                    16: "checked",
                    64: "expanded"
                }), Ll[G]), (M = Y.getAttribute("role") || null) ? (X = Vm[M] || D, g = "checked" == D || "selected" == D ? X : D) : g = D, g && pz(1, "none", 17, "busy", Y, R, g)
            }, w).P = function(Y, G, R, g, M, X) {
                if (g = Y.B()) this.Bp || (X = this.oz(), X.replace(/\xa0|\s/g, " "), this.Bp = {
                    1: X + "-disabled",
                    2: X + "-hover",
                    4: X + "-active",
                    8: X + "-selected",
                    16: X + "-checked",
                    32: X + "-focused",
                    64: X + "-open"
                }), (M = this.Bp[G]) && this.J(Y, M, R), this.xW(g, G, R)
            }, w.J = function(Y, G, R, g) {
                (g = Y.B ? Y.B() : Y) && (R ? bh : jG)(g, [G])
            }, "selected"),
            menuitemcheckbox: "checked",
            menuitemradio: "checked",
            radio: "checked",
            tab: "selected",
            treeitem: "selected"
        },
        ED = ((UD(52, 27, (r(Qm, (w.oz = (w.d7 = function(Y, G, R, g, M, X) {
            if (Cz(1, 2, 24, 32, Y) && (g = Y.kW())) {
                if (!G && h(61, Y, 32)) {
                    try {
                        g.blur()
                    } catch (D) {}
                    h(45, Y, 32) && (Y.ME & 4 && Cz(1, 2, 27, 4, Y) && Y.setActive(false), Y.ME & 32 && Cz(1, 2, 32, 32, Y) && Ib(32, 8, 24, Y, false, 32) && Y.P(32, false))
                }
                if (M = g.hasAttribute("tabindex")) R = g.tabIndex, M = "number" === typeof R && 0 <= R && 32768 > R;
                M != G && (X = g, G ? X.tabIndex = 0 : (X.tabIndex = -1, X.removeAttribute("tabIndex")))
            }
        }, function() {
            return "goog-control"
        }), Cl), 65, 2), Qm)), Qm.prototype.xW = function(Y, G, R) {
            switch (G) {
                case 8:
                case 16:
                    pz(1, "none", 5, "busy", Y, R, "pressed");
                    break;
                default:
                case 64:
                case 1:
                    Qm.u.xW.call(this, Y, G, R)
            }
        }, Qm).prototype.oz = function() {
            return "goog-button"
        }, {});
    if ("function" !== ((((((((((w = (r(c, V1, 69, 2), c).prototype, w).Uo = true, w.K = null, w.ME = 255, w).J = function(Y, G) {
            G ? Y && (this.K ? 0 <= U(1, Y, this.K, 17) || this.K.push(Y) : this.K = [Y], this.v.J(this, Y, true)) : Y && this.K && Q(33, 1, this.K, Y) && (0 == this.K.length && (this.K = null), this.v.J(this, Y, false))
        }, w.X = 0, w.hm = 0, w.f4 = function() {
            (c.u.f4.call(this), this.Jb && this.Jb.detach(), this).isVisible() && this.isEnabled() && this.v.d7(this, false)
        }, w).kW = function() {
            return this.v.kW(this)
        }, w).pK = 39, w).isVisible = function() {
            return this.Uo
        }, w).isEnabled = function() {
            return !h(46, this, 1)
        }, w.isActive = function() {
            return h(77, this, 4)
        }, w).setActive = function(Y) {
            Ib(32, 8, 7, this, Y, 4) && this.P(4, Y)
        }, w).getState = function() {
            return this.X
        }, w).P = function(Y, G, R, g, M, X) {
            R || 1 != Y ? Cz(1, 2, 25, Y, this) && G != h(14, this, Y) && (this.v.P(this, Y, G), this.X = G ? (M = this.X, (M | 0) - 1 - (M | ~Y)) : this.X & ~Y) : (X = !G, g = this.getParent(), g && "function" == typeof g.isEnabled && !g.isEnabled() || !Ib(32, 8, 23, this, !X, 1) || (X || (this.setActive(false), Ib(32, 8, 39, this, false, 2) && this.P(2, false)), this.isVisible() && this.v.d7(this, X), this.P(1, !X, true)))
        }, typeof c)) throw Error("Invalid component class " + c);
    if ("function" !== typeof Cl) throw Error("Invalid renderer class " + Cl);
    var pl = pz(1, c, 8);
    (r($u, c, 68, (((UD(52, 26, (r(W, Qm, (O(3, (ED[pl] = Cl, function() {
        return new c(null)
    }), "goog-control"), 73), 2), W)), W.prototype).xW = function() {}, W).prototype.P = function(Y, G, R, g) {
        (g = (W.u.P.call(this, Y, G, R), Y.B())) && 1 == G && (g.disabled = R)
    }, W.prototype.d7 = function() {}, 2)), O)(5, function() {
        return new $u(null)
    }, "goog-button");
    var L, vD = k.requestIdleCallback ? function(Y) {
            requestIdleCallback(function() {
                Y()
            }, {
                timeout: 4
            })
        } : k.setImmediate ? function(Y) {
            setImmediate(Y)
        } : function(Y) {
            setTimeout(Y, 0)
        },
        q$ = {
            passive: true,
            capture: true
        },
        ku = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        ar = [],
        zJ = [],
        Ag = ((t.prototype.nK = (t.prototype.s6 = "toString", t.prototype.bn = false, void 0), t).prototype.FD = void 0, []),
        ht = {},
        tg = [],
        SG = [],
        Q1 = [],
        gx = [],
        Xq = [],
        Rb = (((TJ, qu, function() {})(xu), function() {})(wx), ht).constructor,
        SX = (t.prototype.F = (w = t.prototype, "create"), w.CK = function(Y, G, R, g, M, X, D, H) {
            return zQ.call(this, "string", Y, G, 12, R, g, M, X, D, H)
        }, w.tm = function(Y, G, R, g, M, X) {
            return Ib.call(this, 32, Y, 73, G, R, g, M, X)
        }, void 0);
    t.prototype.I = (w.G = ((w.QH = function(Y, G, R, g, M, X) {
        return d.call(this, R, g, 6, Y, G, M, X)
    }, w).LK = function() {
        return z.call(this, "~", 25)
    }, ((w.zV = function() {
        return O.call(this, 57)
    }, w.r6 = function(Y, G, R, g, M, X) {
        return UD.call(this, 52, 48, Y, G, R, g, M, X)
    }, window).performance || {}).now ? function() {
        return this.fK + window.performance.now()
    } : function() {
        return +new Date
    }), function(Y, G) {
        return G = (SX = (Y = {}, function() {
                return G == Y ? 7 : -54
            }), {}),
            function(R, g, M, X, D, H, A, q, S, a, m, v, e, B, N, n, F, C, I, BD, HD, l, x, E) {
                C = G, G = Y;
                try {
                    if (e = R[0], e == SG) {
                        BD = R[1];
                        try {
                            for (M = (q = [], atob)(BD), E = N = 0; E < M.length; E++) v = M.charCodeAt(E), 255 < v && (q[N++] = -~(v & 255) - (~v ^ 255) + (v | -256) + (~v | 255), v >>= 8), q[N++] = v;
                            p(this, (this.N = q, this.s = this.N.length << 3, 463), [0, 0, 0])
                        } catch (D$) {
                            BO(D$, this, 17, 2048);
                            return
                        }
                        ih(223, 8001, false, this)
                    } else if (e == Xq) R[1].push(Z(this, 309).length, Z(this, 417).length, Z(this, 194).length, Z(this, 370)), p(this, 29, R[2]), this.O[396] && uh(223, Z(this, 396), 8001, 29, this);
                    else {
                        if (e == gx) {
                            X = (m = R[2], P)(2, (Z(this, 417).length | 0) + 2), F = this.h, this.h = this;
                            try {
                                a = Z(this, 482), 0 < a.length && K(this, P(2, a.length).concat(a), 417, 15), K(this, P(1, this.zl), 417, 104), K(this, P(1, this[gx].length), 417), I = 0, I += Z(this, 465) & 2047, I -= (B = Z(this, 417).length, 11 - (~B ^ 5) + 2 * (B | -6)), n = Z(this, 194), 4 < n.length && (I -= (n.length | 0) + 3), 0 < I && K(this, P(2, I).concat(qu(I)), 417, 10), 4 < n.length && K(this, P(2, n.length).concat(n), 417, 153)
                            } finally {
                                this.h = F
                            }
                            if (g = (((x = qu(2).concat(Z(this, 417)), x)[1] = (H = x[0], ~H + -4 - 2 * ~(H | 3)), x)[3] = x[1] ^ X[0], x[4] = (l = x[1], A = X[1], -(A | 0) - ~(l | A) + 2 * (~l & A) + (l | ~A)), this.Tl(x))) g = "!" + g;
                            else
                                for (D = 0, g = ""; D < x.length; D++) S = x[D][this.s6](16), 1 == S.length && (S = "0" + S), g += S;
                            return (Z(this, (Z((Z(this, (HD = g, 309)).length = m.shift(), this), 417).length = m.shift(), 194)).length = m.shift(), p)(this, 370, m.shift()), HD
                        }
                        if (e == Q1) uh(223, R[1], R[2], 29, this);
                        else if (e == Ag) return uh(223, R[1], 8001, 29, this)
                    }
                } finally {
                    G = C
                }
            }
    }());
    var Xu, GJ = (((t.prototype[ar] = [0, 0, 1, 1, 0, 1, 1], t).prototype.so = 0, t).prototype.Tl = function(Y, G, R, g, M) {
            return TQ.call(this, 72, 3, Y, G, R, g, M)
        }, t.prototype.xl = 0, /./),
        Ej = SG.pop.bind(t.prototype[Xq]),
        gj = ((Xu = zQ("string", (GJ[t.prototype.s6] = Ej, {get: Ej
        }), t.prototype.F, 25), t.prototype).Am = void 0, function(Y, G) {
            return (G = vO(null, "bg", "error")) && 1 === Y.eval(G.createScript("1")) ? function(R) {
                return G.createScript(R)
            } : function(R) {
                return "" + R
            }
        })(k);
    (L = k.botguard || (k.botguard = {}), 40 < L.m || (L.m = 41, L.bg = DO, L.a = Jg), L).hBb_ = function(Y, G, R) {
        return [(R = new t(G, Y), function(g) {
            return pz(1, false, 3, R, g)
        })]
    };
}).call(this);
                                    

#5 JavaScript::Eval (size: 75, repeated: 1) - SHA256: a509c6f87e275963fd6d2d162af1f37401c3de9dc82b7adc794e6bab033f402f

                                        0,
function(D, H, A, q) {
    p(D, (H = J(3, (q = V(8, true, (A = J(6, D), D)), D)), H), Z(D, A) << q)
}
                                    

#6 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 148de9c5a7a44d19e56cd9ae1a554bf67847afb0c58f6e12fa29ac7ddfca9940

                                        p
                                    

#7 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 32e9a9804bffe909ff226129e9bed998115326d58d3eca039114f3865ff5269c

                                        YD
                                    

#8 JavaScript::Eval (size: 232, repeated: 1) - SHA256: fe992a69c22f9cfefbffb41ece3352131314b1ee33eb9615240abd9f450d19ad

                                        At = function(Y, G, R, g, M, X, D, H, A, q) {
    for (H = J(5, (D = ((A = J((q = R[ku] || {}, 5), R), q.DV = J(3, R), q).o = [], R.h == R ? (X = V(8, Y, R), -4 * ~(X & 1) + ~X + -6 + g * (X ^ 1)) : 1), R)), M = G; M < D; M++) q.o.push(J(6, R));
    for (q.X2 = Z(R, H); D--;) q.o[D] = Z(R, q.o[D]);
    return q.Rz = Z(R, A), q
}
                                    

#9 JavaScript::Eval (size: 93, repeated: 1) - SHA256: f778cbcfc92a5afea45fa8dd885b83e3d33502cb09c58d9c4d49a4975709bcac

                                        0,
function(D, H, A, q, S, a) {
    p(D, (A = Z(D, (a = Z(D, (S = (H = (q = J(5, D), J(3, D)), J(3, D)), q)), H)), S), +(a > A))
}
                                    

#10 JavaScript::Eval (size: 2, repeated: 1) - SHA256: dbdbc97d5de3e2fe6756986e0f1f2885727d3dd8cd5a22183fa33c241ab6d28e

                                        ob
                                    

#11 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 86be9a55762d316a3026c2836d044f5fc76e34da10e1b45feee5f18be7edb177

                                        K
                                    

#12 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 5c62e091b8c0565f1bafad0dad5934276143ae2ccef7a5381e8ada5b1a8d26d2

                                        P
                                    

#13 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 8c6b0adba54cdc59dcede1e7327fbdeba3ce24d5e74eb84dfb72297e512e2dab

                                        ih
                                    

#14 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 013f6e0357a7e9dca4875e02258b8ae52f61451b768373bc963b1474d9ed7a1a

                                        V = function(Y, G, R) {
    return R.j ? YD(R, R.V) : ob(Y, G, R, Y)
}
                                    

#15 JavaScript::Eval (size: 76, repeated: 1) - SHA256: 1bc6a12c69916d735ab73defc46b6744bb49982b6fe90f38e5847f3af857c38d

                                        0,
function(D, H, A, q) {
    p(D, (H = J(3, (q = V(8, true, (A = J(6, D), D)), D)), H), Z(D, A) >>> q)
}
                                    

#16 JavaScript::Eval (size: 144, repeated: 1) - SHA256: d54a8ea593915e69fcd68d76bd1240603f7e03316157bb2bfab2c8fc9edfc0f3

                                        0,
function(D, H, A, q) {
    if (A = D.qE.pop()) {
        for (q = V(8, true, D); 0 < q; q--) H = J(7, D), A[H] = D.O[H];
        (A[370] = (A[482] = D.O[482], D.O[370]), D).O = A
    } else p(D, 166, D.s)
}
                                    

#17 JavaScript::Eval (size: 198, repeated: 1) - SHA256: f9e43a2a1baa4ee50b4f2ade6879a9570cb699ab2bb78f9ecedb4fa1b0febfad

                                        0,
function(D, H, A, q, S, a, m, v, e, B) {
    0 !== (B = (m = Z(D, (q = (v = (e = J(6, (a = J(6, (S = (H = J(3, D), J(7, D)), D)), D)), Z)(D, a), Z(D.h, H)), e)), Z)(D, S), q) && (A = d(1, v, 5, 2, 1, m, D, q, B), q.addEventListener(B, A, q$), p(D, 208, [q, B, A]))
}
                                    

#18 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 1e834bb7952719e83c2cd0bdb3c055a97e3c0012d32cce4f17e4800c3932bb9d

                                        vO
                                    

#19 JavaScript::Eval (size: 320, repeated: 1) - SHA256: a5bccf8fea2e36ce46f4d3280890f771b8683504ea608b824f266c507950adf1

                                        0,
function(D, H, A, q, S, a, m, v, e, B) {
    for (A = (B = e = a = 0, []); e < D.d.length;) {
        for (m = (S = "", D).d[e++]; S.length != m;) {
            for (; D.M[a] == B;) S += X[D.M[++a]], a++;
            if (S.length == m) break;
            S += X[D[B++]]
        }
        if (v = D.d[e++]) q = 1 == v ? S : v.match(/=$/) ? v + S : "this." + v + "=" + S, H = eval(gj("0," + q)), 1 == v && (H[Ag] = 371892), A.push(H)
    }
    return delete D.d, D.length = 0, delete D.M, A
}
                                    

#20 JavaScript::Eval (size: 77, repeated: 1) - SHA256: f91e38cc0be973ee8ce5ca34a3d4d7b100b18201f34cfbf4da05235a4c129e2d

                                        0,
function(D, H, A, q, S) {
    p(D, (A = Z(D, (S = (H = J(6, (q = J(3, D), D)), Z)(D, H), q)), H), S - A)
}
                                    

#21 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 91b6e711383dddaf6070732fc1a1965841f03f16e48d5b210997ad051eb172e1

                                        0, HO = function(Y, G, R, g) {
    (R = J(7, (g = J(7, Y), Y)), K)(Y, P(G, Z(Y, g)), R)
}
                                    

#22 JavaScript::Eval (size: 1042, repeated: 1) - SHA256: 66b64ce68a825c53d4cd14c90fedfd950823ac321911062affe1b82c46cff8f4

                                        0, d = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
    if ((R & 70) == (2 == ((R ^ 70) & 7) && (m = (D = G[Y] << 24 | G[(Y | 0) + 1] << 16, X = G[-2 * ~Y + (~Y ^ 2) + g * (~Y & 2) + (Y | -3)] << M, -~D + (D ^ X) + (~D | X)) | G[-4 * ~(Y & g) + -8 + g * (Y ^ g) + 2 * (~Y | g)]), R))
        if (X = "array" === GQ("object", "number", Y) ? Y : [Y], this.A) g(this.A);
        else try {
            D = !this.L.length, G = [], U(0, [Xq, G, X], this, 3), U(0, [gx, g, G], this, 6), M && !D || M$(true, M, true, false, this)
        } catch (v) {
            z("~", 35, 0, v, this), g(this.A)
        }
        return ((R ^ 21) & 5 || (m = a = function() {
            if (D.h == D) {
                if (D.O) {
                    var v = [Ag, G, X, void 0, H, A, arguments];
                    if (Y == g) var e = M$(true, false, (U(0, v, D, 11), false), false, D);
                    else if (Y == M) {
                        var B = !D.L.length;
                        U(0, v, D, 18), B && M$(true, false, false, false, D)
                    } else e = $D(424, v, 29, D);
                    return e
                }
                H && A && H.removeEventListener(A, a, q$)
            }
        }), R ^ 47) >> 4 || (A = G & M, H = SX, D = [-3, -76, -36, 8, -24, -56, D, 27, 67, -33], S = Rb[X.F](X.Hp), S[X.F] = function(v) {
            A = (q = (A += 6 + M * G, v), -1 - ~A) - (A & -8)
        }, S.concat = function(v, e, B, N) {
            return (v = (q = (e = -(B = Y % 16 + 1, B) * q - 108 * Y * Y * q + D[A + 11 & M] * Y * B + 3 * Y * Y * B + A + 36 * q * q - -2736 * Y * q + (H() | 0) * B - 252 * q, void 0), D[e]), D[(N = A + 53, -1 - ~N + (~N ^ M) - (N | -8)) + (g * (G | g) - -2 + ~(G | g) + (~G ^ g))] = v, D)[A + (G & g)] = -76, v
        }, m = S), m
}
                                    

#23 JavaScript::Eval (size: 358, repeated: 1) - SHA256: 33492cc43b37518059cff94378ef63e223a75513b24d8ea084103c19e764cc30

                                        ob = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B, N) {
    if ((B = Z(R, 166), B) >= R.s) throw [ht, 31];
    for (H = (m = (N = (S = B, R.Oo.length), g), 0); 0 < m;) X = S % Y, D = Y - (X | 0), M = S >> 3, a = D < m ? D : m, A = R.N[M], G && (e = R, e.Z != S >> 6 && (e.Z = S >> 6, v = Z(e, 463), e.vp = Nu(1419, 24, e.g, e.Z, [0, 0, v[1], v[2]], 255, Y)), A ^= R.vp[M & N]), H |= (A >> Y - (X | 0) - (a | 0) & (1 << a) - 1) << (m | 0) - (a | 0), m -= a, S += a;
    return p(R, (q = H, 166), (B | 0) + (g | 0)), q
}
                                    

#24 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 5af354bb04a6eda74eabd743b0fa9e248aeb8f31b45996872c5fdd3afe4e43ef

                                        0,
function(D) {
    Mu(D, 7)
}
                                    

#25 JavaScript::Eval (size: 133, repeated: 1) - SHA256: 27902a9fd3e7a2064a609719599b95141bc4bdf99ad9ecf254ba2c74c010aa3f

                                        0, Z = function(Y, G, R) {
    if (void 0 === (R = Y.O[G], R)) throw [ht, 30, G];
    if (R.value) return R.create();
    return (R.create(3 * G * G + -76 * G + 7), R).prototype
}
                                    

#26 JavaScript::Eval (size: 92, repeated: 1) - SHA256: 196dbf343ca89fbeda04bf4fd7059158342b1fbe8acf87417d6dcc96bb2ddc47

                                        0,
function(D, H, A, q, S) {
    p(D, (S = GQ("object", (H = Z(D, (A = J(3, (q = J(5, D), D)), q)), "number"), H), A), S)
}
                                    

#27 JavaScript::Eval (size: 360, repeated: 1) - SHA256: 886fa166bf92267cd4cc45348e6da33e7fbc1a6ea113b38c97cb7c92cad764a6

                                        0, ob = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B, N) {
    if ((B = Z(R, 166), B) >= R.s) throw [ht, 31];
    for (H = (m = (N = (S = B, R.Oo.length), g), 0); 0 < m;) X = S % Y, D = Y - (X | 0), M = S >> 3, a = D < m ? D : m, A = R.N[M], G && (e = R, e.Z != S >> 6 && (e.Z = S >> 6, v = Z(e, 463), e.vp = Nu(1419, 24, e.g, e.Z, [0, 0, v[1], v[2]], 255, Y)), A ^= R.vp[M & N]), H |= (A >> Y - (X | 0) - (a | 0) & (1 << a) - 1) << (m | 0) - (a | 0), m -= a, S += a;
    return p(R, (q = H, 166), (B | 0) + (g | 0)), q
}
                                    

#28 JavaScript::Eval (size: 173, repeated: 1) - SHA256: c86ea25ee522e4708812a3a89bce200e97c2ae2f53518db3148ec784732f8861

                                        xu = function(Y, G, R, g, M, X, D, H) {
    try {
        H = Y[((G | 0) + 2) % 3], Y[G] = (X = (M = Y[G], g = Y[((G | 0) + 1) % 3], (M ^ g) - (~M ^ g) - 3 * (~M & g) + (~M | g)) - (H | 0), D = 1 == G ? H << R : H >>> R, (X | D) + ~X - (~X | D))
    } catch (A) {
        throw A;
    }
}
                                    

#29 JavaScript::Eval (size: 218, repeated: 1) - SHA256: 66a7799412377d9048c65546d5a3321f9d9844aa386830a26c659058b3fc6900

                                        kD = function(Y, G, R, g, M, X, D, H) {
    if (g - 9 << 1 >= (1 == (g >> 2 & 7) && (M = V(Y, R, G), -~(M & 128) - -1 + 2 * (M ^ 128) + 2 * (~M ^ 128) && (M = (M | 0) + 127 - (M | 127) | V(Y, R, G) << 7), H = M), g) && (g - 1 | 16) < g) {
        for (X = (D = J(3, G), 0); 0 < M; M--) X = X << Y | V(Y, R, G);
        p(G, D, X)
    }
    return H
}
                                    

#30 JavaScript::Eval (size: 1040, repeated: 1) - SHA256: f699ad5ff8ac4243d5c6fd1c6b50602a774961aaa39b9672a32f1e35a9c5d029

                                        d = function(Y, G, R, g, M, X, D, H, A, q, S, a, m) {
    if ((R & 70) == (2 == ((R ^ 70) & 7) && (m = (D = G[Y] << 24 | G[(Y | 0) + 1] << 16, X = G[-2 * ~Y + (~Y ^ 2) + g * (~Y & 2) + (Y | -3)] << M, -~D + (D ^ X) + (~D | X)) | G[-4 * ~(Y & g) + -8 + g * (Y ^ g) + 2 * (~Y | g)]), R))
        if (X = "array" === GQ("object", "number", Y) ? Y : [Y], this.A) g(this.A);
        else try {
            D = !this.L.length, G = [], U(0, [Xq, G, X], this, 3), U(0, [gx, g, G], this, 6), M && !D || M$(true, M, true, false, this)
        } catch (v) {
            z("~", 35, 0, v, this), g(this.A)
        }
        return ((R ^ 21) & 5 || (m = a = function() {
            if (D.h == D) {
                if (D.O) {
                    var v = [Ag, G, X, void 0, H, A, arguments];
                    if (Y == g) var e = M$(true, false, (U(0, v, D, 11), false), false, D);
                    else if (Y == M) {
                        var B = !D.L.length;
                        U(0, v, D, 18), B && M$(true, false, false, false, D)
                    } else e = $D(424, v, 29, D);
                    return e
                }
                H && A && H.removeEventListener(A, a, q$)
            }
        }), R ^ 47) >> 4 || (A = G & M, H = SX, D = [-3, -76, -36, 8, -24, -56, D, 27, 67, -33], S = Rb[X.F](X.Hp), S[X.F] = function(v) {
            A = (q = (A += 6 + M * G, v), -1 - ~A) - (A & -8)
        }, S.concat = function(v, e, B, N) {
            return (v = (q = (e = -(B = Y % 16 + 1, B) * q - 108 * Y * Y * q + D[A + 11 & M] * Y * B + 3 * Y * Y * B + A + 36 * q * q - -2736 * Y * q + (H() | 0) * B - 252 * q, void 0), D[e]), D[(N = A + 53, -1 - ~N + (~N ^ M) - (N | -8)) + (g * (G | g) - -2 + ~(G | g) + (~G ^ g))] = v, D)[A + (G & g)] = -76, v
        }, m = S), m
}
                                    

#31 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 3f5797626094c70880166e26ed3f76e4d97f3eab88bb5a3e32bcd85c65001708

                                        0,
function(D) {
    kD(8, D, true, 18, 4)
}
                                    

#32 JavaScript::Eval (size: 74, repeated: 1) - SHA256: 6961409f1c8eab0d72215a3fddc263fbeb4b68ac0a6c316f6608ecc8353ce60a

                                        0,
function(D, H, A, q) {
    p((q = (H = (A = J(5, D), J)(5, D), J)(6, D), D), q, Z(D, A) | Z(D, H))
}
                                    

#33 JavaScript::Eval (size: 158, repeated: 1) - SHA256: d76bc85338d089c44a3c02aed8cc04008445e495d7fd3878aaaba696d9386665

                                        0,
function(D, H, A, q, S, a) {
    (S = J(3, (H = J(5, (a = J(7, D), D)), D)), D.h) == D && (q = Z(D, H), A = Z(D, S), Z(D, a)[q] = A, 463 == a && (D.Z = void 0, 2 == q && (D.g = ob(8, false, D, 32), D.Z = void 0)))
}
                                    

#34 JavaScript::Eval (size: 418, repeated: 1) - SHA256: 7cdca360cd87fe05957652e245a3ae03bf0024a8e49f62c5c0d53d30ecacdf34

                                        0, K = function(Y, G, R, g, M, X, D, H, A) {
    if (Y.h == Y)
        for (M = Z(Y, R), 194 == R ? (H = function(q, S, a, m, v, e) {
                if (M.Sv != (m = ((e = M.length, e) ^ 4) + 2 * (~e ^ 4) - 2 * (~e | 4) >> 3, m)) {
                    S = (a = (m << 3) - 4, M.Sv = m, [0, 0, D[1], D[2]]);
                    try {
                        M.mZ = Nu(1419, 24, d(a, M, 12, 3, 8), d((a | 0) + 4, M, 20, 3, 8), S, 255, 8)
                    } catch (B) {
                        throw B;
                    }
                }
                M.push((v = M.mZ[e & 7], 1 + 2 * (v & ~q) - (~v ^ q) + 2 * (~v | q)))
            }, D = Z(Y, 448)) : H = function(q) {
                M.push(q)
            }, g && H(~g - 2 * ~(g | 255) - (g ^ 255) + (g | -256)), X = G.length, A = 0; A < X; A++) H(G[A])
}
                                    

#35 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

                                        window
                                    

#36 JavaScript::Eval (size: 70, repeated: 1) - SHA256: 59b05b3dcf22ba30ce2653443dc2c6406cb1a48e1b0ee027bf0ab1d2b8f9b17f

                                        0,
function(D, H, A, q) {
    p(D, (A = (q = (H = J(7, D), J)(7, D), D).O[H] && Z(D, H), q), A)
}
                                    

#37 JavaScript::Eval (size: 371, repeated: 1) - SHA256: 84678e2cbc889807264932234c58fa5f59b6aaea77915d6c0fb53335bcfdd2b9

                                        0, TJ = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B) {
    (G.push((A = (X = Y[0] << 24, H = Y[1] << 16, (H | 0) - 1 - (~X | H)), S = Y[2] << 8, (A & S) + ~(A & S) - ~(A | S)) | Y[3]), G).push((D = (M = Y[4] << 24, R = Y[5] << 16, (M & R) - ~(M & R) + ~(M | R) + 2 * (M ^ R)) | Y[6] << 8, m = Y[7], -~(D & m) + (D & ~m) + 2 * (~D & m) + (D | ~m))), G.push((a = (q = (B = Y[8] << 24, v = Y[9] << 16, (B | 0) + ~B - ~(B | v)), g = Y[10] << 8, (g | 0) - (q & ~g) - 2 * (~q ^ g) + 2 * (q | ~g)), e = Y[11], (a | 0) - (~a ^ e) + (~a | e)))
}
                                    

#38 JavaScript::Eval (size: 127, repeated: 1) - SHA256: 85d96a757c6e68a76fdd34706ecf68009730a32e022c8ec30312a7f154e69e41

                                        0,
function(D, H, A, q, S, a, m, v) {
    S = Z(D, (A = Z((H = (a = J(6, (v = J(6, (m = J(5, (q = J(7, D), D)), D)), D)), Z(D, a)), D), m), v)), p(D, q, d(H, A, 7, 2, 1, S, D))
}
                                    

#39 JavaScript::Eval (size: 210, repeated: 1) - SHA256: 927295fecd87b2ca8be8fb3ef72518fddec590d571b186cacc2bc20a88dc2882

                                        0, vO = function(Y, G, R, g, M) {
    if (g = (M = Y, k.trustedTypes), !g || !g.createPolicy) return M;
    try {
        M = g.createPolicy(G, {
            createHTML: Jt,
            createScript: Jt,
            createScriptURL: Jt
        })
    } catch (X) {
        if (k.console) k.console[R](X.message)
    }
    return M
}
                                    

#40 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 4985842a779748cfa0f2b32c6f9420960984295fef685d06378639a3ea2008ce

                                        TJ
                                    

#41 JavaScript::Eval (size: 427, repeated: 1) - SHA256: 34799cb03e488e82895b92b3c20a0c412a2bec226e04be1a718c3ec1ae15b8c7

                                        0, ih = function(Y, G, R, g, M, X, D, H) {
    if (!g.A) {
        g.p4++;
        try {
            for (H = (M = void 0, X = g.s, 0); --G;) try {
                if ((D = void 0, g).j) M = YD(g, g.j);
                else {
                    if (H = Z(g, 166), H >= X) break;
                    M = (p(g, Y, H), D = J(5, g), Z(g, D))
                }
                T(33, 4, R, R, (M && M[zJ] & 2048 ? M(g, G) : BO([ht, 21, D], g, 0, 2048), G), g)
            } catch (A) {
                Z(g, 228) ? BO(A, g, 22, 2048) : p(g, 228, A)
            }
            if (!G) {
                if (g.bn) {
                    ih(223, 383840374050, (g.p4--, false), g);
                    return
                }
                BO([ht, 33], g, 0, 2048)
            }
        } catch (A) {
            try {
                BO(A, g, 22, 2048)
            } catch (q) {
                z("~", 67, 0, q, g)
            }
        }
        g.p4--
    }
}
                                    

#42 JavaScript::Eval (size: 71, repeated: 1) - SHA256: e99bfe6a5d957e99184420bab0d7e98aa7b75c17a8a5652e26fd9dde7be7541d

                                        0, Rr = function(Y, G, R) {
    p(R, Y, ((R.qE.push(R.O.slice()), R.O)[Y] = void 0, G))
}
                                    

#43 JavaScript::Eval (size: 94, repeated: 1) - SHA256: 612b08b0ea6847b153267f6f278987546373d3cddaccb0a265bf9580bb15c89e

                                        0,
function(D, H, A, q, S, a) {
    p(D, (A = Z(D, (a = Z(D, (S = (H = (q = J(5, D), J(3, D)), J(3, D)), q)), H)), S), +(a == A))
}
                                    

#44 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 703bc62b3d95089dd6719d35ff9a35a031ecc8defc4d5ffd2c1635e4d991043c

                                        0,
function(D) {
    Mu(D, 4)
}
                                    

#45 JavaScript::Eval (size: 113, repeated: 1) - SHA256: d61ea21dce9d5f5f1682deb0260a012dbd4f1e947257cabd7df07a0d3b6a2296

                                        0,
function(D, H, A, q) {
    T(25, 4, true, false, H, D) || (q = J(5, D), A = J(6, D), p(D, A, function(S) {
        return eval(S)
    }(gj(Z(D.h, q)))))
}
                                    

#46 JavaScript::Eval (size: 1, repeated: 1) - SHA256: de5a6f78116eca62d7fc5ce159d23ae6b889b365a1739ad2cf36f925a140d0cc

                                        V
                                    

#47 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 80cd5ba295ad162a44c06997742850bac922d8693e2100f029ad510032ed1d6f

                                        0,
function(D) {
    Mu(D, 3)
}
                                    

#48 JavaScript::Eval (size: 83, repeated: 1) - SHA256: f545997d70f5dc01ef00af1bef8babfd0d36f214df8cb04100f52978b93e1b80

                                        0,
function(D, H, A, q, S) {
    (H = Z((S = 0 != (q = J(3, (A = J(6, D), D)), Z)(D, A), D), q), S) && p(D, 166, H)
}
                                    

#49 JavaScript::Eval (size: 588, repeated: 1) - SHA256: 1e3b6b3b6682c696450812025008eab274c62115c15fa9003712cd445fa9106d

                                        0,
function(D, H, A, q, S, a, m, v, e, B, N, n, F, C, I, BD, HD) {
    function l(x, E) {
        for (; F < x;) e |= V(8, true, D) << F, F += 8;
        return e >>= (F -= x, E = e & (1 << x) - 1, x), E
    }
    for (S = (m = (a = (n = (F = (B = J(3, D), e = 0), N = l(3), ~N - 3 * ~(N | 1) + (N & -2) + 2 * (~N ^ 1)), l)(5), []), C = 0); C < a; C++) HD = l(1), m.push(HD), S += HD ? 0 : 1;
    for (v = (A = (BD = ((S | 0) - 1).toString(2).length, []), 0); v < a; v++) m[v] || (A[v] = l(BD));
    for (H = 0; H < a; H++) m[H] && (A[H] = J(5, D));
    for (q = [], I = n; I--;) q.push(Z(D, J(3, D)));
    y(38, B, function(x, E, D$, cD, hg) {
        for (cD = (hg = (E = [], 0), []); hg < a; hg++) {
            if (!(D$ = A[hg], m)[hg]) {
                for (; D$ >= E.length;) E.push(J(3, x));
                D$ = E[D$]
            }
            cD.push(D$)
        }
        x.V = J(24, x, (x.j = J(26, x, q.slice()), cD))
    }, D)
}
                                    

#50 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

                                        J
                                    

#51 JavaScript::Eval (size: 130, repeated: 1) - SHA256: d832a31f4e01aea00cf5af606893ee2406174f8afcad073514e4bbdcdc6cae24

                                        wx = function(Y, G, R, g, M) {
    if (3 == Y.length) {
        for (M = 0; 3 > M; M++) G[M] += Y[M];
        for (R = (g = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > R; R++) G[3](G, R % 3, g[R])
    }
}
                                    

#52 JavaScript::Eval (size: 57, repeated: 1) - SHA256: 07a7e098c48957ea36d3a656406fa037fdd7755bd0b2efdc248b89b8c0b56691

                                        0,
function(D, H, A) {
    p(D, (H = (A = J(6, D), J)(7, D), H), "" + Z(D, A))
}
                                    

#53 JavaScript::Eval (size: 2, repeated: 1) - SHA256: c73e81873048dce45ab1bd599057ede07b66645a40fab6eb57984df159c7aed4

                                        HO
                                    

#54 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 9c2f138690fca4890c3c4a6691610fbbbdf32091cc001f7355cfdf574baa52b9

                                        xu
                                    

#55 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 7e914e06150b1f6c9521b189660f33d3227abe7e04823c320d1c911906e2a317

                                        Rr
                                    

#56 JavaScript::Eval (size: 46, repeated: 1) - SHA256: 0c7ce5e32cb06473b4746293ea99566d3e7ac0258f4bd8fa9dfdc82a71b07df3

                                        0,
function(D, H) {
    Rr(166, (H = Z(D, J(7, D)), H), D.h)
}
                                    

#57 JavaScript::Eval (size: 83, repeated: 1) - SHA256: 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a

                                        0,
function(_, $) {
    while (_._ += !(_.$[_[_._] = _[$._]] && _.M.push(_._, _[$._])), $.$ ^ ++$._);
}
                                    

#58 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 9830ece26a868bd7081731b7679f20e2a3a084f0a934f02e3e1d86b3069821aa

                                        0,
function(D) {
    Mu(D, 0)
}
                                    

#59 JavaScript::Eval (size: 118, repeated: 1) - SHA256: 8950bf21691c41839f60bec1b72c78bce2ff1c5c75b356239e8234dc6b8b6451

                                        0, YD = function(Y, G, R) {
    return (R = G.create().shift(), Y).j.create().length || Y.V.create().length || (Y.V = void 0, Y.j = void 0), R
}
                                    

#60 JavaScript::Eval (size: 22, repeated: 1) - SHA256: da62b929925ecaecbafafefeb45aa9a75c431f4e84d07cc7dc4a72aae0e2dfe6

                                        0,
function(D) {
    HO(D, 1)
}
                                    

#61 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 84ed3cf343eb39fbef79b266e4d4cd9484fb89f3487ca7e080680a1fb4ec92d0

                                        BO
                                    

#62 JavaScript::Eval (size: 2, repeated: 1) - SHA256: beba745afae8503925089cc2f3cc9b87e849e81c07531e83c5c341a63bcaaed9

                                        uh
                                    

#63 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 2ef00b0284fac06699d66459e111cd2775eb05a00f7341099ec347b6200ce021

                                        0,
function(D) {
    kD(8, D, true, 19, 1)
}
                                    

#64 JavaScript::Eval (size: 2, repeated: 1) - SHA256: a082f17cf976fb34724b2d88f5a779341f1db75157bde2da48cd392c0b74ecb7

                                        qu
                                    

#65 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 1ceeabf0c6a5a30bad12cdac0e3ab015a7188a42e6aebb556aad00bb9cd693ad

                                        Nu
                                    

#66 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 18ac3e7343f016890c510e93f935261169d9e3f565436429830faf0934f4f8e4

                                        d
                                    

#67 JavaScript::Eval (size: 102, repeated: 1) - SHA256: a49739da362ce3b6e73757ddaa8c1230e97a55302f1192dbad0d0b5fb0d3bdee

                                        0,
function(D, H, A, q, S) {
    for (q = (H = kD(8, D, (S = J(7, D), true), 6), A = [], 0); q < H; q++) A.push(V(8, true, D));
    p(D, S, A)
}
                                    

#68 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 1ec9f8efacc73754babe6a497967887a294d93ce5f2b915d526514a0ddf56f94

                                        Uj
                                    

#69 JavaScript::Eval (size: 2, repeated: 1) - SHA256: e63717504f43d1699f229076a3cc62364f00fdf8f8dad0ef630129204fa441a1

                                        Mu
                                    

#70 JavaScript::Eval (size: 32, repeated: 1) - SHA256: f30f563fff3be7c1937a490184875e3070cedfeb22f23bd5c8bfadbd483857af

                                        0,
function(D) {
    kD(8, D, true, 20, 2)
}
                                    

#71 JavaScript::Eval (size: 369, repeated: 1) - SHA256: 25fd68f90d67eca26e9efeca4031e52cbd63e2c1085699710186158025bc041a

                                        TJ = function(Y, G, R, g, M, X, D, H, A, q, S, a, m, v, e, B) {
    (G.push((A = (X = Y[0] << 24, H = Y[1] << 16, (H | 0) - 1 - (~X | H)), S = Y[2] << 8, (A & S) + ~(A & S) - ~(A | S)) | Y[3]), G).push((D = (M = Y[4] << 24, R = Y[5] << 16, (M & R) - ~(M & R) + ~(M | R) + 2 * (M ^ R)) | Y[6] << 8, m = Y[7], -~(D & m) + (D & ~m) + 2 * (~D & m) + (D | ~m))), G.push((a = (q = (B = Y[8] << 24, v = Y[9] << 16, (B | 0) + ~B - ~(B | v)), g = Y[10] << 8, (g | 0) - (q & ~g) - 2 * (~q ^ g) + 2 * (q | ~g)), e = Y[11], (a | 0) - (~a ^ e) + (~a | e)))
}
                                    

#72 JavaScript::Eval (size: 106, repeated: 1) - SHA256: f559c4d9e9700b66e0f682f4db081bce7b7883fef69485a6b65680b682f814dd

                                        0,
function(Y, G, R, g) {
    for (g = 0; g < Y.length; g++) G.push(Y.charAt ? 255 & Y.charCodeAt(g) : Y[g]);
    G.d.push(Y.length, R)
}
                                    

#73 JavaScript::Eval (size: 217, repeated: 1) - SHA256: 7d9447e614b34daa9bef276809c8059f79791f104969d964ce413080f52905d3

                                        J = function(Y, G, R, g, M) {
    return (Y | ((Y | 4) >> 4 || (G.j ? M = YD(G, G.V) : (g = ob(8, true, G, 8), g & 128 && (g ^= 128, R = ob(8, true, G, 2), g = (g << 2) + (R | 0)), M = g)), 8)) == Y && (g = Rb[G.F](G.YW), g[G.F] = function() {
        return R
    }, g.concat = function(X) {
        R = X
    }, M = g), M
}
                                    

#74 JavaScript::Eval (size: 252, repeated: 1) - SHA256: 1305886e625a7c650f97b640388e8768ec312289e38d391b58dc222c5501f4e0

                                        0,
function(D, H, A, q, S, a, m, v, e) {
    T(17, 4, true, false, H, D) || (m = At(true, 0, D.h, 2), e = m.X2, v = m.DV, S = m.Rz, a = m.o, A = a.length, q = 0 == A ? new e[S] : 1 == A ? new e[S](a[0]) : 2 == A ? new e[S](a[0], a[1]) : 3 == A ? new e[S](a[0], a[1], a[2]) : 4 == A ? new e[S](a[0], a[1], a[2], a[3]) : 2(), p(D, v, q))
}
                                    

#75 JavaScript::Eval (size: 252, repeated: 1) - SHA256: 4c658a69fbd71f634fdfcf2c2ddebdc5352017f76c68d62821debd89a8f601ff

                                        0, p = function(Y, G, R) {
    if (166 == G || 223 == G) Y.O[G] ? Y.O[G].concat(R) : Y.O[G] = J(25, Y, R);
    else {
        if (Y.NE && 463 != G) return;
        417 == G || 194 == G || 309 == G || 482 == G || 448 == G ? Y.O[G] || (Y.O[G] = d(G, 126, 32, 2, 7, Y, R)) : Y.O[G] = d(G, 153, 33, 2, 7, Y, R)
    }
    463 == G && (Y.g = ob(8, false, Y, 32), Y.Z = void 0)
}
                                    

#76 JavaScript::Eval (size: 77, repeated: 1) - SHA256: aa70623b8834035335fa8a360bc467ead0e7c0a25d84a33eef6148864ba8bd89

                                        0,
function(D, H, A, q, S) {
    p(D, (A = Z(D, (S = (H = J(6, (q = J(3, D), D)), Z)(D, H), q)), H), S + A)
}
                                    

#77 JavaScript::Eval (size: 22, repeated: 1) - SHA256: f408e3b96c07ae345e16d3fb7f28d864ac81fc836b53733b4bd0056d64ded745

                                        0,
function(D) {
    HO(D, 4)
}
                                    

#78 JavaScript::Eval (size: 22, repeated: 1) - SHA256: ca052c007a6bda750373ed2fe6f63778dafa60f630c04f5796c278ab4dd57b0f

                                        0,
function(D) {
    HO(D, 2)
}
                                    

#79 JavaScript::Eval (size: 302, repeated: 1) - SHA256: d11ae2dff5e34fc99d340f6625fec06416982ae161d1a87f742e4cec6f85bcfb

                                        0,
function(D, H, A, q, S, a, m, v, e, B, N, n, F, C) {
    if (!T(41, 4, true, true, H, D)) {
        if ("object" == GQ("object", "number", (n = Z(D, (B = Z(D, (v = Z(D, (C = (q = J(6, (A = J(5, (a = J(7, (S = J(6, D), D)), D)), D)), Z(D, A)), a)), q)), S)), n))) {
            for (e in m = [], n) m.push(e);
            n = m
        }
        for (C = (F = n.length, N = 0, 0) < C ? C : 1; N < F; N += C) v(n.slice(N, 3 * (N & C) + ~(N & C) - (~N ^ C)), B)
    }
}
                                    

#80 JavaScript::Eval (size: 447, repeated: 1) - SHA256: 0742b61976eb67f76ed9d2f272e6a69e54f06e321fc6a09870dca8d0fa2c4747

                                        0, BO = function(Y, G, R, g, M, X, D, H, A, q) {
    if (!G.NE) {
        if (3 < (M = Z(G, (q = (0 == (X = Z(G, ((D = void 0, Y) && Y[0] === ht && (R = Y[1], D = Y[2], Y = void 0), 482)), X.length) && (A = Z(G, 223) >> 3, X.push(R, A >> 8 & 255, -255 - ~A - ~(A | 255) + 2 * (~A | 255)), void 0 != D && X.push(D & 255)), ""), Y && (Y.message && (q += Y.message), Y.stack && (q += ":" + Y.stack)), 370)), M)) {
            G.h = (H = (q = (M -= ((q = q.slice(0, (M & -4) + (~M ^ 3) - (~M | 3)), q).length | 0) + 3, Uj)(q, g), G.h), G);
            try {
                K(G, P(2, q.length).concat(q), 194, 12)
            } finally {
                G.h = H
            }
        }
        p(G, 370, M)
    }
}
                                    

#81 JavaScript::Eval (size: 75, repeated: 1) - SHA256: ab9cafbd78f132402b05007568ade05e8a1fa4ae5914910b3a51aa4b88e98779

                                        0,
function(D, H, A, q) {
    p((q = (H = (A = J(5, D), J)(5, D), J)(6, D), D), q, Z(D, A) || Z(D, H))
}
                                    

#82 JavaScript::Eval (size: 175, repeated: 1) - SHA256: ddc9b2e0459559e8867876d9e45dbe61f8dd1d5f182b86d7ff75ccff08be8ebc

                                        0, xu = function(Y, G, R, g, M, X, D, H) {
    try {
        H = Y[((G | 0) + 2) % 3], Y[G] = (X = (M = Y[G], g = Y[((G | 0) + 1) % 3], (M ^ g) - (~M ^ g) - 3 * (~M & g) + (~M | g)) - (H | 0), D = 1 == G ? H << R : H >>> R, (X | D) + ~X - (~X | D))
    } catch (A) {
        throw A;
    }
}
                                    

#83 JavaScript::Eval (size: 458, repeated: 1) - SHA256: 3a33455358565bd2514364279d34c00bc7dda20909c2c604fcdbcd8ec4bff711

                                        0, Uj = function(Y, G, R, g, M, X, D, H, A, q) {
    for (R = (D = (g = (H = Y.replace(/\r\n/g, "\n"), 0), []), 0); g < H.length; g++) A = H.charCodeAt(g), 128 > A ? D[R++] = A : (A < G ? D[R++] = (X = A >> 6, -~(X | 192) + (X & -193) + (~X | 192)) : (55296 == (A | 64512) - ~A + -64513 - 2 * (A & -64513) && g + 1 < H.length && 56320 == (H.charCodeAt(g + 1) & 64512) ? (A = 65536 + (1023 - (~A & 1023) << 10) + (H.charCodeAt(++g) & 1023), D[R++] = A >> 18 | 240, D[R++] = (q = A >> 12, 63 - ~(q & 63) + -64) | 128) : D[R++] = A >> 12 | 224, D[R++] = A >> 6 & 63 | 128), D[R++] = (M = A & 63, 128 + ~(M & 128) - ~M));
    return D
}
                                    

#84 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b

                                        /.*\d:\d\d | \d+$/g
                                    

#85 JavaScript::Eval (size: 91, repeated: 1) - SHA256: 72d2cbef0f1ac97fc5efa2b3ca287cfe4d11878cc10a93aae670de08a870e1be

                                        0,
function(D, H, A, q, S, a) {
    p(D, (S = (A = Z((q = J(6, (H = J((a = J(7, D), 3), D), D)), D), H), Z(D, a)), q), S[A])
}
                                    

#86 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255

                                        document.createElement('img')
                                    

#87 JavaScript::Eval (size: 2, repeated: 1) - SHA256: 2eb0f31d74a9c43844d3dfd59208eabe5dd5d59cc84c565485f11af676f0e740

                                        wx
                                    

#88 JavaScript::Eval (size: 2, repeated: 1) - SHA256: c72c5404cfcb01c1780bcb362c18d37e90af3a33888dad0c1c13e53819ef885f

                                        At
                                    

#89 JavaScript::Eval (size: 1, repeated: 1) - SHA256: bbeebd879e1dff6918546dc0c179fdde505f2a21591c9a9c96e36b054ec5af83

                                        Z
                                    

#90 JavaScript::Eval (size: 131, repeated: 1) - SHA256: c7571ea934709b1b03f1da34abe47ddd56ae4c7e28881c9b8858cb7eec68036b

                                        Z = function(Y, G, R) {
    if (void 0 === (R = Y.O[G], R)) throw [ht, 30, G];
    if (R.value) return R.create();
    return (R.create(3 * G * G + -76 * G + 7), R).prototype
}
                                    

#91 JavaScript::Eval (size: 70, repeated: 1) - SHA256: 3c25d96e7c305feac744ca3f914fc66f8feb0be35e4ca3e2d121e16c13f7d7d2

                                        0, qu = function(Y, G) {
    for (G = []; Y--;) G.push(255 * Math.random() | 0);
    return G
}
                                    

#92 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12

                                        document.createElement('div').style
                                    

#93 JavaScript::Eval (size: 250, repeated: 1) - SHA256: c24bf739c9cb45b116ab6e6418c33ab8cebc071f7730dd6aaddc9bf730188c99

                                        p = function(Y, G, R) {
    if (166 == G || 223 == G) Y.O[G] ? Y.O[G].concat(R) : Y.O[G] = J(25, Y, R);
    else {
        if (Y.NE && 463 != G) return;
        417 == G || 194 == G || 309 == G || 482 == G || 448 == G ? Y.O[G] || (Y.O[G] = d(G, 126, 32, 2, 7, Y, R)) : Y.O[G] = d(G, 153, 33, 2, 7, Y, R)
    }
    463 == G && (Y.g = ob(8, false, Y, 32), Y.Z = void 0)
}
                                    

#94 JavaScript::Eval (size: 77, repeated: 1) - SHA256: 18c7249c246698047fe77dc869ec4615fafaf2f0ffa6c6345b320b3ad8f85a3d

                                        0,
function(D, H, A, q, S) {
    p(D, (A = Z(D, (S = (H = J(6, (q = J(3, D), D)), Z)(D, H), q)), H), S % A)
}
                                    

#95 JavaScript::Eval (size: 153, repeated: 1) - SHA256: e2935164e0559dc221ac061cacc16f3e535ff81e2a5139e8d99174834d1e85e4

                                        0,
function(D, H, A, q, S, a, m) {
    for (A = (H = (S = Z(D, (m = (a = kD(8, D, true, (q = J(5, D), 7)), ""), 472)), S.length), 0); a--;) A = ((A | 0) + (kD(8, D, true, 5) | 0)) % H, m += X[S[A]];
    p(D, q, m)
}
                                    

#96 JavaScript::Eval (size: 219, repeated: 1) - SHA256: b04f21d0b40c1fed20500893e3ff73e1ad7dac2faa08b640ecd1915cc6bb6075

                                        0, J = function(Y, G, R, g, M) {
    return (Y | ((Y | 4) >> 4 || (G.j ? M = YD(G, G.V) : (g = ob(8, true, G, 8), g & 128 && (g ^= 128, R = ob(8, true, G, 2), g = (g << 2) + (R | 0)), M = g)), 8)) == Y && (g = Rb[G.F](G.YW), g[G.F] = function() {
        return R
    }, g.concat = function(X) {
        R = X
    }, M = g), M
}
                                    

#97 JavaScript::Eval (size: 220, repeated: 1) - SHA256: eaa2984e528b863bf0d3ec12572d45656d0d70476c581e81f45dec844e6a3493

                                        0, kD = function(Y, G, R, g, M, X, D, H) {
    if (g - 9 << 1 >= (1 == (g >> 2 & 7) && (M = V(Y, R, G), -~(M & 128) - -1 + 2 * (M ^ 128) + 2 * (~M ^ 128) && (M = (M | 0) + 127 - (M | 127) | V(Y, R, G) << 7), H = M), g) && (g - 1 | 16) < g) {
        for (X = (D = J(3, G), 0); 0 < M; M--) X = X << Y | V(Y, R, G);
        p(G, D, X)
    }
    return H
}
                                    

#98 JavaScript::Eval (size: 234, repeated: 1) - SHA256: 18ae94d007d2f2ca068cde3d2fd3862125a2d0de521dd502dbccfdd8030ee439

                                        0, At = function(Y, G, R, g, M, X, D, H, A, q) {
    for (H = J(5, (D = ((A = J((q = R[ku] || {}, 5), R), q.DV = J(3, R), q).o = [], R.h == R ? (X = V(8, Y, R), -4 * ~(X & 1) + ~X + -6 + g * (X ^ 1)) : 1), R)), M = G; M < D; M++) q.o.push(J(6, R));
    for (q.X2 = Z(R, H); D--;) q.o[D] = Z(R, q.o[D]);
    return q.Rz = Z(R, A), q
}
                                    

#99 JavaScript::Eval (size: 1, repeated: 1) - SHA256: e3b98a4da31a127d4bde6e43033f66ba274cab0eb7eb1c70ec41402bf6273dd8

                                        t
                                    

#100 JavaScript::Eval (size: 95, repeated: 1) - SHA256: 8ea63e682d59f962002c28cc6db9d4144a56e2dec3b0571dde239ed092e83c3f

                                        0,
function(D, H, A, q, S, a) {
    p(D, (S = Z(D, (q = Z(D, (H = J(5, (A = J(3, (a = J(5, D), D)), D)), A)), a)), H), S in q | 0)
}
                                    

#101 JavaScript::Eval (size: 81, repeated: 1) - SHA256: 15053d2271e8b6ffd7857e9291409bfd61e57a3c44b7d9a7c32527a464545bda

                                        0,
function(D, H, A) {
    (A = Z((H = J(6, D), D.h), H), A[0]).removeEventListener(A[1], A[2], q$)
}
                                    

#102 JavaScript::Eval (size: 171, repeated: 1) - SHA256: bbddcdaba665507bafb1a06519af26d2b9a5836244057f9bfa8015ba2207a004

                                        0, Mu = function(Y, G, R, g, M, X, D) {
    K(((g = Z(Y, (D = J(7, (M = J(7, (X = -~(G & 4) - (~G ^ 4) + (G | -(R = (G | 0) - ~(G & 3) + ~G, 5)) + (~G | 4), Y)), Y)), M)), X) && (g = Uj("" + g, 2048)), R && K(Y, P(2, g.length), D), Y), g, D)
}
                                    

#103 JavaScript::Eval (size: 2, repeated: 1) - SHA256: b6d8a632f29cbb2f339f9da15e0de49bfbfc493abcf426bcab6f92c4e3564d7d

                                        kD
                                    

#104 JavaScript::Eval (size: 77, repeated: 1) - SHA256: 5f72facda7b42f03c51ea7db110c781bd7b42deaaca69c38a5c6dfe188f41937

                                        0,
function(D, H, A, q, S) {
    p(D, (A = Z(D, (S = (H = J(6, (q = J(3, D), D)), Z)(D, H), q)), H), S * A)
}
                                    

#105 JavaScript::Eval (size: 140, repeated: 1) - SHA256: 782402ce57c84eaf4e3d83e6f9136fb58d428784f48be90230a8fe55c058ff9f

                                        0,
function(D, H, A, q, S) {
    !T(49, 4, true, false, H, D) && (q = At(true, 0, D, 2), S = q.Rz, A = q.X2, D.h == D || S == D.ev && A == D) && (p(D, q.DV, S.apply(A, q.o)), D.D = D.G())
}
                                    

#106 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 22184c3bb4acd2e557bd3e07fee1a4c7744f3190cea15ee945695451bdb577d2

                                        0, wx = function(Y, G, R, g, M) {
    if (3 == Y.length) {
        for (M = 0; 3 > M; M++) G[M] += Y[M];
        for (R = (g = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > R; R++) G[3](G, R % 3, g[R])
    }
}
                                    

#107 JavaScript::Eval (size: 134, repeated: 1) - SHA256: 3144c527fe20c444af9f0528a2b6916c40579cae4fd54fe8342f5b553eda1828

                                        0, uh = function(Y, G, R, g, M, X) {
    return Z((p(M, (ih(Y, (X = Z(M, 166), M.N && X < M.s ? (p(M, 166, M.s), Rr(166, G, M)) : p(M, 166, G), R), false, M), 166), X), M), g)
}
                                    

#108 JavaScript::Eval (size: 35, repeated: 1) - SHA256: f2a353ed5469812b863c5fbeb58b4d46b864ba4e20a49f57f9c44c7cda45f46b

                                        document.createEvent('MouseEvents')
                                    

Executed Writes (0)



HTTP Transactions (93)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: study-assistantph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.14.47
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 25 Sep 2022 08:13:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Sep 2022 09:13:53 GMT
Location: https://study-assistantph.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVBajqH0z3Tw%2FlKrJhyhPyy0K1GD6%2FqxOeYv14D48bZBwiSQ41LMxbip9mbmm%2BM3OaoWfmiia%2B8osqeDzjNytlM%2BTvGHo9RAdJvBvJltUX%2FYazAqzQzj5IDrtClnYoDi9DY%2B6%2BjiSmA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75024d975d321c16-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 07:14:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8-VmKjIjYgwv_F028W0OkpohfUzFrysM5OdDIq5BcSY2dLR7lmW3Bg==
Age: 3541


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12727
Expires: Sun, 25 Sep 2022 11:46:00 GMT
Date: Sun, 25 Sep 2022 08:13:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11524
Expires: Sun, 25 Sep 2022 11:25:57 GMT
Date: Sun, 25 Sep 2022 08:13:53 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: QKbE9khhv8Z9YAHEyBsqxBV+HwOOPBAE2MHQ2PmHougIkRswC2hy8kwLB2kWtrxMv/Pcowdkq34=
x-amz-request-id: 7TYMTGNH57PHMY6C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 07:48:00 GMT
age: 1553
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4D4B5DA8CDC7826B6F07251D8B80CD8B20D9DDE077AF2721FD4275A872FC386F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14681
Expires: Sun, 25 Sep 2022 12:18:34 GMT
Date: Sun, 25 Sep 2022 08:13:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1372BDE70751F1AF4C3A8027F1913DEDE5229095A04884DA6ECFD4C6782035CD"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3423
Expires: Sun, 25 Sep 2022 09:10:56 GMT
Date: Sun, 25 Sep 2022 08:13:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B326A0A75541888149CD7C2C2E1708C212C914277B3511B2E2A9FB621A3060A"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14950
Expires: Sun, 25 Sep 2022 12:23:03 GMT
Date: Sun, 25 Sep 2022 08:13:53 GMT
Connection: keep-alive

                                        
                                            GET /zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3= HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
content-length: 758
x-trace-id: 9a491306a9fcac973987b33521fc2a9f
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (757)
Size:   758
Md5:    35d92b5d2052d00687b0de0ce3437c71
Sha1:   ddade391e18342b326efdce9712c310a23a0a91a
Sha256: 78152fe7e8ba4c6727d4bfa45b0374a29abf508bcdafbbcf1430fa1fe5383057
                                        
                                            GET /wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: STALE
x-cached-since: 2022-09-25T06:44:53+00:00
x-id: sto5-up-gc14
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2117
Md5:    32d81e6209cb6dc4339f0f3a6c68001d
Sha1:   c7aaa390f5ebdd58133c30e74445a9aefe684d6c
Sha256: 90e1984c9cca24f2763c9b4f46a4065a8c352fb761beae17b6fb983383812e9a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C7CFF996C12BAD16CF9E7AFC802C2A15C22C0A11A53BAF5E2018B30E94EC038D"
Last-Modified: Sat, 24 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2398
Expires: Sun, 25 Sep 2022 08:53:52 GMT
Date: Sun, 25 Sep 2022 08:13:54 GMT
Connection: keep-alive

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
content-length: 0
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 379
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
content-length: 39
x-trace-id: d1fd409ae03607ead5c73e5746a28fbe
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3945
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 08:13:54 GMT
Last-Modified: Sun, 25 Sep 2022 07:08:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /apu.php?zoneid=4493436 HTTP/1.1 
Host: cdn.betgorebysson.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
content-length: 968
x-trace-id: 2e0a03b7920162cef765c0e0e3134ef3
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=90690aa8d6564637983815092dd14d79; expires=Mon, 25 Sep 2023 08:13:54 GMT; path=/; secure; SameSite=None oaidts=1664093634; expires=Mon, 25 Sep 2023 08:13:54 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (801)
Size:   968
Md5:    6488d2d9ffca075b8108321f2b7a4d6b
Sha1:   a156377867fd73dd6fd736641cefe24c1cc78ea5
Sha256: ff998a4f03bbd94d352c41d6a10a3da73de2c1e907e6d12657d7514663bd271a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=361705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75024d9e58e8b511-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=381686,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75024d9e5ea7b517-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://study-assistantph.com
Content-Length: 1518
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sun, 25 Sep 2022 08:14:12 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://study-assistantph.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
content-length: 65
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8b9bf07df17d4ac58339ecc939bd7143; expires=Mon, 25 Sep 2023 08:13:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    a1a0d9deb2726194150b45d8b357e7e8
Sha1:   08afb4d8647fd5dedbd11e2a7583c965931b9e2f
Sha256: e4c582bc7a3eb8be831b2515c34c4f0d58707de05f6b1c5eae3023a834e3d4b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wrapper/js/prebid.js?v=s-d0f3aabc-4fb2-4c73-a68d-b6405e59b9a8 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-22T12:22:29+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65423)
Size:   126776
Md5:    32979c29f7fbdd78f62189b583d8ecb1
Sha1:   453ae979acc8fc3547137d7e139a94b18cd403f1
Sha256: 42f94bf69fbe5d49ef2effb8b48cdf18b2e4b2893e91c1deb862f6f1ad676ea1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Content-Length: 939
Connection: keep-alive
Expires: Thu, 29 Sep 2022 06:50:41 GMT
ETag: "a655ec3228595c7e708d2543b5c330db6a6c51d1"
Last-Modified: Sun, 25 Sep 2022 06:50:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 848
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75024da00e2fb506-OSL

                                        
                                            GET /pfe/current/tag.min.js?z=3914651 HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (14782), with no line terminators
Size:   6025
Md5:    d9f2932e137d38ca842ebb251c8292bc
Sha1:   d266256d9b2400cbcb539ef179fcf580c6758d09
Sha256: 08057343f95f9d6ea9a97704b2ee0bb5a1df5dd2c847a0e56e30462e2bc49e17
                                        
                                            OPTIONS /500/5041469?excludes=&oaid=8b9bf07df17d4ac58339ecc939bd7143&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: eehuzaih.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pagead/ppub_config?ippd=study-assistantph.com HTTP/1.1 
Host: securepubads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sun, 25 Sep 2022 08:13:54 GMT
expires: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 80
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Sep-2022 08:28:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   80
Md5:    bad65bf0d2b16eb724d34890dbf4da18
Sha1:   8399ed72214bea959a09aaf46a655bc1b66d880a
Sha256: 1c24ee737a67c152ebe9932e7b251247f09f631ec4f54de80658075964e20287
                                        
                                            GET /gpt/pubads_impl_2022092101.js?cb=31069828 HTTP/1.1 
Host: securepubads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 131360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 10:54:39 GMT
expires: Fri, 22 Sep 2023 10:54:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 21 Sep 2022 08:34:49 GMT
age: 249555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65439)
Size:   131360
Md5:    142ab69868a197caebb58071ccfc3373
Sha1:   d42a151e14814aaea9d3ee322bc4883cda1fae6b
Sha256: 7e00ede32409b2b5208d33f29372aab895838fdb40cc84d99f849b3c7a4bc124
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Sun, 25 Sep 2022 08:13:54 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Sun, 25 Sep 2022 09:13:54 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.2
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 08:13:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.226
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 08:13:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.32.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 25 Sep 2022 08:13:55 GMT
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Sun, 25 Sep 2022 13:25:47 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 67688
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75024da34d7c95fd-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   66121
Md5:    3d08aacb36c7474e0d13b60f8f4adc14
Sha1:   e4af2de372b5e3a2211579a5973ef7ed160e7be4
Sha256: 54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
                                        
                                            GET /safeframe/1-0-38/html/container.html HTTP/1.1 
Host: 145a5ad73c368c66fc91d69920dbebc3.safeframe.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.65
HTTP/2 200 OK
content-type: text/html
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Sep 2022 08:13:55 GMT
expires: Mon, 25 Sep 2023 08:13:55 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Size:   3108
Md5:    3fa5e95a358d660ddb3c45769ae1357f
Sha1:   5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
Sha256: d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sun, 25 Sep 2022 08:13:55 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Sun, 25 Sep 2022 09:13:55 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /custom HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 740
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:55 GMT
content-length: 39
x-trace-id: d56c4ec519feb82d6afe82238672c346
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4332
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 08:13:55 GMT
Last-Modified: Sun, 25 Sep 2022 07:01:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4332
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 08:13:55 GMT
Last-Modified: Sun, 25 Sep 2022 07:01:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=06dd8352-b543-4f0e-8466-65c3af965397&l_pb_bid_id=6efbd7a332e7e18&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6166311939372394 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Sun, 25 Sep 2022 08:13:55 GMT
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8H2DUR3-Q-I04Y; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qr1JOnzb4SqXe9DtVM30fCgJCbxLIA38BNzxCOgGrkE5z9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Size:   304
Md5:    4bf5ae196dc4546039d9b01239a49112
Sha1:   0b4c5b2afe30a9aa89d2916b2208a4180eb82a97
Sha256: 2541cbecbd4dd769e667f3cef0d519704cbdcdc18c357af691b6d47f5facf1c2
                                        
                                            GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=4637a889-bbcf-492e-b923-8e4034882a5d&l_pb_bid_id=4e0cbb84677b3f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33626168172936255 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Sun, 25 Sep 2022 08:13:55 GMT
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8H2DUR3-R-1PNM; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qq1scsEt+z5GO9DtVM30fCgJCbxLIA38BNzxCOgGrkE5z9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Size:   312
Md5:    cd79809ba80f87d1261d937536003e48
Sha1:   19ffd03783fa8dd83cb6ed4dfc60967f32bdea7d
Sha256: 2e1c1e55d23bf119cfb5d8a560647a1ea18f38b684a6cba669808c690e5a007e
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 476
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 08:13:55 GMT
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 0f64df01-4942-4850-8709-8e90618d0aa3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   139
Md5:    ed61cbe5de1c9301dde10c0e78a87c43
Sha1:   1004d52a449cf90ce43d1b51f0dc6de39b9ac878
Sha256: 3a374ee147909deb986d0f395e26e98327b608788c358a81a6bcf16bfb9fe757
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 610
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 08:13:55 GMT
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 0168752a-0441-4bcb-9daf-41b6492d75e6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   138
Md5:    eced1c9d21bb0f78df18f4486286bcaf
Sha1:   577b3607f06b58e35bfd9c0317976000501e02c3
Sha256: bc410c9ad564e563a67abd183c33e008f0771a3451239c21d185eef7bba492c7
                                        
                                            GET /getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 08:13:55 GMT
server: cafe
cache-control: private
content-length: 11183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (14733), with no line terminators
Size:   11183
Md5:    0b9736a6c69eea21ddfd33a6b115d092
Sha1:   81893cad9a6569d7ab02364580caf49d818f32e7
Sha256: 5cfe2f67d66b0d98ed004bd165e9f00dca75be235d07b9160d9fe6739b3cbad1
                                        
                                            GET /watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A819020845535%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081353%3Aet%3A1664093634%3Ac%3A1%3Arn%3A608436294%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C%2C%2C%2C683%3Ans%3A1664093631734%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Referer: https://study-assistantph.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 400
date: Sun, 25 Sep 2022 08:13:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 08:13:55 GMT
last-modified: Sun, 25-Sep-2022 08:13:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size:   400
Md5:    32bdd0da7dd6ba5a7b12785c4f6eddee
Sha1:   ae807de3489cc3e0eae25d779d78e5b80b9afb72
Sha256: eedcbb9fa3d5d71f6fe41ce46f07d4554c15db62572a354536e44c4cd97d59d0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sodar/sodar2.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 25 Sep 2022 08:13:55 GMT
expires: Sun, 25 Sep 2022 08:13:55 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1321)
Size:   6386
Md5:    ac906814ed812c4ecdbb624a3bd2f6c3
Sha1:   8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
Sha256: 8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
                                        
                                            GET /sodar/sodar2/225/runner.html HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: text/html
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:30:52 GMT
expires: Fri, 22 Sep 2023 11:30:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
age: 247383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Size:   5046
Md5:    f530c16b248be97e10df228df6a41c24
Sha1:   ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
Sha256: f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api2/aframe HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 25 Sep 2022 08:13:55 GMT
date: Sun, 25 Sep 2022 08:13:55 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-gDyG19vzxy8PEElzOv22Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Size:   513
Md5:    1619148fd14b8007a7c72ec5ee8f5e04
Sha1:   486b2d11db9a274be6f2308822d0fb818466ebae
Sha256: 493182ceb4cfa65356d9d55a1a14578552d64463d66752346b8784771c80c6f6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5155
Expires: Sun, 25 Sep 2022 09:39:50 GMT
Date: Sun, 25 Sep 2022 08:13:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5155
Expires: Sun, 25 Sep 2022 09:39:50 GMT
Date: Sun, 25 Sep 2022 08:13:55 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 38183
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:22:33 GMT
age: 3082
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7757
Md5:    9d59e1bbd58ff8c5fe5faecb58149601
Sha1:   ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
Sha256: c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6779391A8D2D73B681A1316EECF58B62DED937F6117B9ADF47CC2B0BB36F2FB5"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14492
Expires: Sun, 25 Sep 2022 12:15:27 GMT
Date: Sun, 25 Sep 2022 08:13:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6779391A8D2D73B681A1316EECF58B62DED937F6117B9ADF47CC2B0BB36F2FB5"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14492
Expires: Sun, 25 Sep 2022 12:15:27 GMT
Date: Sun, 25 Sep 2022 08:13:55 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 36759
etag: "358e74de395352a9529ff1c17856daf8900888c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6199
Md5:    714af732a9aa1db2b13ffb62810fd532
Sha1:   358e74de395352a9529ff1c17856daf8900888c5
Sha256: 1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5293
x-amzn-requestid: a35423bc-9112-48da-85e0-93ac41794d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PkGehoAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-450fad077885fae416572443;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IAon_ZYxu87A9OB775Q1unI4sdLHdE-Ij9QNYaB2mqftP0IoAsgnvQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:22 GMT
age: 38073
etag: "6a02487368bbe41b87feeef1f70f7320392d72a3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5293
Md5:    b156552f4d76fd964b279ebcf8cd1f8e
Sha1:   6a02487368bbe41b87feeef1f70f7320392d72a3
Sha256: ceddf1a515c64d0071a4d90c26de60a27ee2bf2af341bf1572fb05743d2cc644
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8883
x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmEaqIAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 38210
etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8883
Md5:    4ecc2a02c5bf02ae98849085d835b2dd
Sha1:   5fc6f043ab0929c95b84b78c9d03befbe0fadea0
Sha256: ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:59:46 GMT
age: 36849
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9042
Md5:    ca8f8393365641de380e9443b37a8581
Sha1:   2fde9899cf74129d7df8868008b323a527dc1170
Sha256: dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
                                        
                                            POST /stats/format HTTP/1.1 
Host: worker.sttsmntz.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         158.160.4.42
HTTP/2 200 OK
content-type: application/json
                                        
server: ycalb
date: Sun, 25 Sep 2022 08:13:54 GMT
content-encoding: gzip
content-length: 231
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   231
Md5:    99ee39a4c8f113aee49614e21785b5ca
Sha1:   b9a819fca32c1600fd413a65f636a48eef4015cd
Sha256: acc832e71ae269991e13457f455d2bc281daef8b42db5d234da507f22fd6a352
                                        
                                            POST /stats/format HTTP/1.1 
Host: worker.sttsmntz.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         158.160.4.42
HTTP/2 200 OK
content-type: application/json
                                        
server: ycalb
date: Sun, 25 Sep 2022 08:13:55 GMT
content-encoding: gzip
content-length: 231
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   231
Md5:    fa1afdf80716d56df4ca2f0bafda31db
Sha1:   17dd8c82fb37a6b193cb740890ce6c92005b1d33
Sha256: 8ff1cd808cbae12f8a537b9cb747d4f1b3b223864a4c15832dccf3b2884b73ba
                                        
                                            GET /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A984926344715%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081354%3Aet%3A1664093634%3Ac%3A1%3Arn%3A1034254203%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C2099%2C2099%2C3%2C683%3Aeu%3A1%3Ans%3A1664093631734%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Referer: https://study-assistantph.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 400
date: Sun, 25 Sep 2022 08:13:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 08:13:56 GMT
last-modified: Sun, 25-Sep-2022 08:13:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size:   400
Md5:    16a0d8bc9dab8ea9ee3a21ad7ae37c46
Sha1:   74bc5b143b2ae296aaeb9eadf6b33e2808a95b21
Sha256: 45668af4a5c38a8e69cec472726f87e7d9dd6110732fa97d51e773c9877ae8b4
                                        
                                            GET /impression/MsmG2Fy-enNC3sKQ2UZgEMowOoZKl-GZTUAO1Gf9xvAZcxmzcfJ0cPqZ9W5Yyx8NasOCELKXjZVPK3uSZUbdZiVYP33LX9bVJ3jdcrkAaAThZuGT7iO2JYK4z1RntgE2cWfXh_uBx0ZwLk4HwlIFCpZdUuo-jd4jeQ9Lpk0tplhsTYs8Qsfl26K4B0xc5UAe4rzKoB5ANWaLwYRPMjYQBrK2X7i4iAo-6K2eyNSeEhn1MoTfld8rlznHynK-wQAtgkHNe-7xkvhazuM8V_PIc6cMYZ3xXzUoOVPeYoWOiD2_zDGvti6e5XO3d937Su0J1fhTtdaidHA0Hx2kLLMSppNIEp4RbKJ7oR-Vh5Ly2xQ7nxUugeYK3wKGrMWi0Cw-pXcejrQ16H0DaFA4MFVvnASLdcjjin9zpVTBqcLTDhGNkkcwBmiy72_oeZUXOCjr73E25861L1Wy2jFqP06w7Tj2n0bHhhKhm6l0ySM1aKRQp4wIBer6yutrSwCApjb9HXjB6FPDtgoK11uRpKKZfa4dpHTQSYOeo1T12aUj8ZcknIRI7MlvgZkRiA1VpiOnOlb8L6oE6-66VaDUxUfvnVc5Ldr_1_UXPyGicdCdu8Y=?_z=5041469&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: eehuzaih.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Cookie: OAID=8b9bf07df17d4ac58339ecc939bd7143
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:59 GMT
content-length: 43
x-trace-id: a36f2e2fa0f854caed593738946f1b9c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 304791
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 08:13:59 GMT
date: Sun, 25 Sep 2022 08:13:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16504
Md5:    3c74d4f5cfa54e017d9f7e8a2dc9044e
Sha1:   b5884c0de90de3eb1665625cfe24e3e3e4509aa1
Sha256: c3d9b400c1dabc9958c0c59ed97077eb0eab3a527010b3c2ca452537231abff7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 08:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 477
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 08:14:00 GMT
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: ff96ca96-379e-47ae-9824-e57fdc283347
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   140
Md5:    01ad77587a39f7ad8928ae12af69365f
Sha1:   5518e05b2ea6fbcc363e41a6eae46b935ce6ba4a
Sha256: 5670bfa6474bbd22dc46f722f1c23ece280b1b2a71472e90b27bd587bf353202
                                        
                                            GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=6fcb7a03-5302-4173-85f4-23c935a1705e&l_pb_bid_id=125d4262db83fa1&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09970407370270085 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Sun, 25 Sep 2022 08:14:00 GMT
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8H2DZ0B-Z-CBN3; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:14:00 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qrnaFS6MISx3+9DtVM30fCgJCbxLIA38BOWeNmH6PrmfD9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:14:00 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Size:   304
Md5:    6b2794d1b9272167cab3ea024c318206
Sha1:   0bd3adf927c971406c29f1d7f3940fa85883ef3b
Sha256: eecaf58e18aea6caf1bc493425c7ae0f98adb3fe7eac4e4364b9848b35054a80
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 612
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 08:14:00 GMT
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 87de932c-b8aa-4167-a8a2-e011422dc88b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   140
Md5:    1e3077949415f709177a2b3f29481eef
Sha1:   29ee695b99b4d147d238591b90897898e6ae3cac
Sha256: 58c237389b94caa6db3199a16c6592567676873c8c667b096210345364614889
                                        
                                            GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=f90728aa-2c06-4cea-98d5-35327e704029&l_pb_bid_id=1615739102a42b4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05349728405247789 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Sun, 25 Sep 2022 08:14:00 GMT
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8H2DZ0V-11-427Q; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:14:00 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qrNASfPQrkitO9DtVM30fCgJCbxLIA38BOWeNmH6PrmfD9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 25-Sep-2023 08:14:00 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Size:   312
Md5:    e7b0fbc9cc3a1dcd5e04d5e2e56a759b
Sha1:   fc6b71c04050058303a8297548476caa2b93d91c
Sha256: 41ecaed85e4aad6f57cee371dc017a173ac82cdabe32bae5bd4e60a53d992a41
                                        
                                            POST /stats/format HTTP/1.1 
Host: worker.sttsmntz.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         158.160.4.42
HTTP/2 200 OK
content-type: application/json
                                        
server: ycalb
date: Sun, 25 Sep 2022 08:14:00 GMT
content-encoding: gzip
content-length: 230
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   230
Md5:    e671827ad541ec3a8569e5a4659b44de
Sha1:   cd179a11ab3b18f162310a88b9629a9ac2c13a54
Sha256: d0268e4bbc642395ba87e82ba2703d81a6efabcabc00267b9e12803b291811c1
                                        
                                            POST /stats/format HTTP/1.1 
Host: worker.sttsmntz.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         158.160.4.42
HTTP/2 200 OK
content-type: application/json
                                        
server: ycalb
date: Sun, 25 Sep 2022 08:14:00 GMT
content-encoding: gzip
content-length: 229
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   229
Md5:    6c662b082f1bc3fd157afda7356149b3
Sha1:   3eb9114c37071cccfbddc00ad3fd0d43c2bccc4c
Sha256: bc883274e6916a8e7d2cc1ef6660d87705206b6316d74285346aad6b63f623ec
                                        
                                            GET /gid.js?pub=0&userId=6ece7183f2594865a4ba0b2ec5c1569e&zoneId=3914651&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Cookie: ID=8b9bf07df17d4ac58339ecc939bd7143
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:14:02 GMT
content-length: 65
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8b9bf07df17d4ac58339ecc939bd7143; expires=Mon, 25 Sep 2023 08:14:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    a1a0d9deb2726194150b45d8b357e7e8
Sha1:   08afb4d8647fd5dedbd11e2a7583c965931b9e2f
Sha256: e4c582bc7a3eb8be831b2515c34c4f0d58707de05f6b1c5eae3023a834e3d4b0
                                        
                                            GET / HTTP/1.1 
Host: study-assistantph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.157.190
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 25 Sep 2022 08:13:53 GMT
cache-control: max-age=86400
expires: Sun, 25 Sep 2022 16:51:37 GMT
cf-cache-status: HIT
age: 55336
last-modified: Sat, 24 Sep 2022 16:51:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z08yXEUDIBgJSUWB9nuX7SS%2FfRkEu6O7IpmOBxAPE%2B1lrzN0mYS5KumJvTb24FarJOJT5QzU0sh4pY8Lxo0HhBqvHzwFSwiVM1XqVvbQC8oPJFvX0QNAmcs2o1tY9yb1tb01ZoAPIOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75024d993b811c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-d0f3aabc-4fb2-4c73-a68d-b6405e59b9a8 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc14
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/5041469 HTTP/1.1 
Host: eehuzaih.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
x-trace-id: 331b91a053d35af068de50997895dacb
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=30008a8fd0e841999ded99a5aebb0c6d; expires=Mon, 25 Sep 2023 08:13:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A819020845535%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081353%3Aet%3A1664093634%3Ac%3A1%3Arn%3A608436294%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C%2C%2C%2C683%3Ans%3A1664093631734%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A819020845535%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081353%3Aet%3A1664093634%3Ac%3A1%3Arn%3A608436294%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C%2C%2C%2C683%3Ans%3A1664093631734%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 25 Sep 2022 08:13:55 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=6576013031664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=6576013031664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=60413701664093635; Path=/; SameSite=None; Secure i=xkAkg+DP7iYN6HSccKVHFIuHCOWVECKIuGMWMF1ZuKKxR1+iJBr8YpeqXh3kZUb/LTTqGYQHmfG66UR+AR/iQoVPdNs=; Expires=Wed, 22-Sep-2032 08:13:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1695629635.yrts.1664093635#1695629635.yrtsi.1664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 08:13:55 GMT
last-modified: Sun, 25-Sep-2022 08:13:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A984926344715%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081354%3Aet%3A1664093634%3Ac%3A1%3Arn%3A1034254203%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C2099%2C2099%2C3%2C683%3Aeu%3A1%3Ans%3A1664093631734%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A984926344715%3Ahid%3A314542124%3Az%3A0%3Ai%3A20220925081354%3Aet%3A1664093634%3Ac%3A1%3Arn%3A1034254203%3Arqn%3A1%3Au%3A1664093634190763323%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C8%2C6%2C310%2C0%2C%2C304%2C3%2C2099%2C2099%2C3%2C683%3Aeu%3A1%3Ans%3A1664093631734%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664093634%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 25 Sep 2022 08:13:55 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=3171265591664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=3171265591664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2643022141664093635; Path=/; SameSite=None; Secure i=zs1YHJjRIytO/gxG/znIYo9D1rDV7AQAWYuOHoBlNbyI96r3yviHEFvgk7t0VbExw71GQ9kmuoyRuE4/NaCGRxaQ1T0=; Expires=Wed, 22-Sep-2032 08:13:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1695629635.yrts.1664093635#1695629635.yrtsi.1664093635; Expires=Mon, 25-Sep-2023 08:13:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 08:13:55 GMT
last-modified: Sun, 25-Sep-2022 08:13:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/5041469?excludes=&oaid=8b9bf07df17d4ac58339ecc939bd7143&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: eehuzaih.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Cookie: OAID=30008a8fd0e841999ded99a5aebb0c6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
x-trace-id: 3312bd575159b4d8d2222136dc1f590f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://study-assistantph.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8b9bf07df17d4ac58339ecc939bd7143; expires=Mon, 25 Sep 2023 08:13:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wrapper/js/common-engine.js?v=s-d0f3aabc-4fb2-4c73-a68d-b6405e59b9a8 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-22T12:17:27+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc11
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1 
Host: loulouly.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:53 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wrapper/js/dynamic-engine.js?v=s-d0f3aabc-4fb2-4c73-a68d-b6405e59b9a8 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-22T12:17:27+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 25 Sep 2022 08:13:54 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn%2Br3%2FdOVKqFF7ExagXTMKeogGgMQOvleRbDmw6KFfiH3jQ3sK8ebyy0pmu93G69zPkALzQfqTt58EUmrBOYODUTbFYxu%2F5iTZc28da5bR21PnzZ3dH3wLln4Xw%2FNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75024d9d092eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wrapper-builder/placement/d3569df2-db2e-46af-b0c2-a97b7f18e4d4?v=d-1661183947 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
access-control-allow-origin: *
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc14
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wrapper-builder/placement/4ff18346-1bc6-4f5c-915c-d367f8a53b59?v=d-1661183947 HTTP/1.1 
Host: cdn.dmtgvn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.223.97.97
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 08:13:54 GMT
cache-control: max-age=31536000, public, s-maxage=31536000
access-control-allow-origin: *
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc13
X-Firefox-Spdy: h2


--- Additional Info ---