students-help.ga/
174.129.25.170301 Moved Permanently 169 B IP 174.129.25.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: students-help.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 18 Mar 2023 14:28:08 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: http://www.students-help.ga/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7530
Expires: Sat, 18 Mar 2023 16:33:38 GMT
Date: Sat, 18 Mar 2023 14:28:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7772
Expires: Sat, 18 Mar 2023 16:37:40 GMT
Date: Sat, 18 Mar 2023 14:28:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 14:14:34 GMT
content-type: application/json
age: 814
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9173
Expires: Sat, 18 Mar 2023 17:01:01 GMT
Date: Sat, 18 Mar 2023 14:28:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x/QuMOQFtN0rHSUWT+Pl6OMTlCZLLGUsj9p5coneFIpXnN3HF70FQuH0qwIG7emTgp3p3AZ7psA=
x-amz-request-id: CHGPFZWE5JM8CTQS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 13:51:58 GMT
age: 2170
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 14:28:08 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.students-help.ga/
142.250.74.147301 Moved Permanently 0 B IP 142.250.74.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: www.students-help.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 18 Mar 2023 14:28:08 GMT
Location: https://www.students-help.ga/
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1d4/Zlk5ibrKUiI
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Zlk5ibrKUiI
IP 142.250.74.131:0
Hash fe2d4f52c16385577ced2bec5e670623
8b0ab73b117741bab9f4c7a4b4905342b3d44742
214807ff9961ffc4fcb576a9799dcc2f5e5491fe24f96ed5eabc979cbc08ac32
POST /s/gts1d4/Zlk5ibrKUiI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 14:17:21 GMT
age: 648
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15936
Expires: Sat, 18 Mar 2023 18:53:45 GMT
Date: Sat, 18 Mar 2023 14:28:09 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/atari/_/ss/k=atari.vw.FSWui5jqiNM.L.F4.O/d=1/rs=AGEqA5kyijUe-3aB1IGc2sx7WerqTj6I2w
216.58.211.3200 OK 139 kB URL HTTP/2 www.gstatic.com/_/atari/_/ss/k=atari.vw.FSWui5jqiNM.L.F4.O/d=1/rs=AGEqA5kyijUe-3aB1IGc2sx7WerqTj6I2w
IP 216.58.211.3:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 139 kB (138999 bytes)
Hash 73c3a6c314f1235870e51fa83b995c14
d30dc1058400b680f0b931091f93234609e0481d
506bfc3c18294a782118d5001dda8d587ffb020b3bd916b9243f5d2a3e156ca5
GET /_/atari/_/ss/k=atari.vw.FSWui5jqiNM.L.F4.O/d=1/rs=AGEqA5kyijUe-3aB1IGc2sx7WerqTj6I2w HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-length: 138999
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 23:37:22 GMT
expires: Thu, 14 Mar 2024 23:37:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 13:24:31 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 226247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 84218ca0c6d2080f6c56f779ce2c10b5
4eb6e50352f2d63ccdf546ba1f3395f5128dda5e
d6effba6bc376c5e8cdedf0042cb30df6d1b8304346cc1d3bb58aec9ca8e3676
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/client.js?onload=gapiLoaded
142.250.74.46200 OK 6.9 kB URL HTTP/2 apis.google.com/js/client.js?onload=gapiLoaded
IP 142.250.74.46:0
File type ASCII text, with very long lines (2054)
Hash f46619e06f439ccc33690c54d740390f
8f52d887200719be7140675b66d6982a065d317e
52f0209782f29b3defea5bee0ea42015147cde2ff986073168187d5219f73c0d
GET /js/client.js?onload=gapiLoaded HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6894
date: Sat, 18 Mar 2023 14:28:09 GMT
expires: Sat, 18 Mar 2023 14:28:09 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e146e87ebc9f2947"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.226.72.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.226.72.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p2iokzB8/ghmzgTfy51OQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xfEqKd9J9gHHXt+m+kXIM5vrMHI=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 10bb1da74cabb050bb1f1af5989d201a
a28a2ce1097c2bbbbd42869df64551a01d2c7de4
180b15454b4cd4d39194bee9ce00122c7cffb85decddb8083d3f1361ea01eb13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-PRVQHGHZFQ
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-PRVQHGHZFQ
IP 142.250.74.40:0
File type ASCII text, with very long lines (19390)
Hash e9d8d1b218e5a43cd467b04009ef883e
db1d77d3db0220169794998a126e4912462526c7
deb0b2c055f7dd998e5119f5b9777a6f2b4878305c8c767b7cb1c70ece53f222
GET /gtag/js?id=G-PRVQHGHZFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 14:28:09 GMT
expires: Sat, 18 Mar 2023 14:28:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 14:34:21 GMT
expires: Fri, 15 Mar 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 172429
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:39:58 GMT
expires: Fri, 15 Mar 2024 17:39:58 GMT
cache-control: public, max-age=31536000
age: 161292
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21544, version 1.0\012- data
Hash d89cae5474ac4464b71bd3c51794cee6
ba9e55412727b5050e61bca6b288ff1b27ba548d
b6872478482ee5d74077229ed5a9dad8d6f15e3d34e8ad7ef2192dbc837e6693
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 14:24:43 GMT
expires: Fri, 15 Mar 2024 14:24:43 GMT
cache-control: public, max-age=31536000
age: 173007
last-modified: Mon, 11 Jul 2022 19:15:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:45:39 GMT
expires: Fri, 15 Mar 2024 17:45:39 GMT
cache-control: public, max-age=31536000
age: 160951
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 07:51:59 GMT
expires: Thu, 14 Mar 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 282971
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
142.250.74.35200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 42500, version 1.0\012- data
Hash 8c5246074400a5141ea18bf48dff17ee
b0650d9d042dfdc6e5fbc3b9f79f87822f9ee689
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
GET /s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 10:20:35 GMT
expires: Sun, 17 Mar 2024 10:20:35 GMT
cache-control: public, max-age=31536000
age: 14855
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
142.250.74.35200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 15:13:53 GMT
expires: Thu, 14 Mar 2024 15:13:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
age: 256457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0w8mIEDQ.woff2
142.250.74.35200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0w8mIEDQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 29304, version 1.0\012- data
Hash 98e03106504cc3727fb4ee43e6a1f74a
f392f04165fd73fd730b89a9183936351517c4bf
3d039543ba70226b3a26ff11c2c004e322c5a6b68ba9e22699ded771267333b3
GET /s/ptsans/v17/jizYRExUiTo99u79D0e0w8mIEDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:09:55 GMT
expires: Sat, 16 Mar 2024 02:09:55 GMT
cache-control: public, max-age=31536000
age: 130695
last-modified: Wed, 27 Apr 2022 16:01:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.students-help.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 00:32:07 GMT
expires: Fri, 15 Mar 2024 00:32:07 GMT
cache-control: public, max-age=31536000
age: 222963
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.students-help.ga/_/view/logImpressions?authuser=0
142.250.74.147200 OK 221 B URL HTTP/2 www.students-help.ga/_/view/logImpressions?authuser=0
IP 142.250.74.147:0
Hash 875432b6931c34b9a0b6e3ca8acdb490
44775cb2186e3e24a66043bae0fb05adf72ee2b0
4d563a7a20caa3df201fe417c6783221c374441f5892130eedb870215d4a91ea
POST /_/view/logImpressions?authuser=0 HTTP/1.1
Host: www.students-help.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3257
Origin: https://www.students-help.ga
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Mar 2023 14:28:10 GMT
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
lh3.googleusercontent.com/X5afp-Enju8QD1rZL24Wn8MefE2ilEldnk28fKkSbr1wVAWQs0UeobIbI8IDDnX12Ep_XfNs8CH5AQ6ZmQ28vd6Co-BPJcDIWa3YPYk_MxvRcTr3
216.58.211.1200 OK 6.5 kB URL HTTP/2 lh3.googleusercontent.com/X5afp-Enju8QD1rZL24Wn8MefE2ilEldnk28fKkSbr1wVAWQs0UeobIbI8IDDnX12Ep_XfNs8CH5AQ6ZmQ28vd6Co-BPJcDIWa3YPYk_MxvRcTr3
IP 216.58.211.1:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f44976345a3cd22a718542e6d6639c9
d54c0b5423dba9c0dd6a566117a3cd5a169b7c5d
de84ce67c2ac9a6cb573ef0b4603ec6a0e7bfe20c4188c47f9792f233b1c989e
GET /X5afp-Enju8QD1rZL24Wn8MefE2ilEldnk28fKkSbr1wVAWQs0UeobIbI8IDDnX12Ep_XfNs8CH5AQ6ZmQ28vd6Co-BPJcDIWa3YPYk_MxvRcTr3 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon 120.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 6514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/TgiVOmA5fwa1vIjI3IJmGo2FrbOmqZuoL-7H-Vdh480C4CaZxNsTmgYfxB859HM_BXH0xc07-f9uoNtJoZK_xWQ=w16383
216.58.211.1200 OK 212 kB URL HTTP/2 lh3.googleusercontent.com/TgiVOmA5fwa1vIjI3IJmGo2FrbOmqZuoL-7H-Vdh480C4CaZxNsTmgYfxB859HM_BXH0xc07-f9uoNtJoZK_xWQ=w16383
IP 216.58.211.1:0
File type PNG image data, 2160 x 2160, 8-bit/color RGBA, non-interlaced\012- data
Size 212 kB (211966 bytes)
Hash 8dce8cc160584b831bdb1805e3b3bd96
058d29dd1bcf278183153e570da29983a78c6ea5
c69f368afae12ff5f486c8df4c0230c914364b9ee1991607197cd92d61417219
GET /TgiVOmA5fwa1vIjI3IJmGo2FrbOmqZuoL-7H-Vdh480C4CaZxNsTmgYfxB859HM_BXH0xc07-f9uoNtJoZK_xWQ=w16383 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ 2.png";filename*=UTF-8''%D0%BB%D0%BE%D0%B3%D0%BE%202.png
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 211966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh4.googleusercontent.com/Yj6aTsM77L4nyEk8-BUwUDg0hQn1qkUGjIIGQATzku5_iIpBJoXYeCvMG93l2L_U2zAJUb8vuwVO2772Dy0MAhk=w1280
216.58.211.1200 OK 12 kB URL HTTP/2 lh4.googleusercontent.com/Yj6aTsM77L4nyEk8-BUwUDg0hQn1qkUGjIIGQATzku5_iIpBJoXYeCvMG93l2L_U2zAJUb8vuwVO2772Dy0MAhk=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 64cfb2d9b6e93684485a5c21f451ebf8
2660b963b111edebc021915ea8f4f8db842680a5
11e846a39fb361457d01dd8ed3d747e6301145bfc5d70c26b1589accda24a305
GET /Yj6aTsM77L4nyEk8-BUwUDg0hQn1qkUGjIIGQATzku5_iIpBJoXYeCvMG93l2L_U2zAJUb8vuwVO2772Dy0MAhk=w1280 HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="050-video.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 11793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/FXSxQwO5pTg819W8o_gO2HJGDrmzdNSKpwV1n9x8LGglnDl9fopQ4ISCSP7F9-KfkfI9qPnxLS5mLN30fiVZX0w=w1280
216.58.211.1200 OK 7.6 kB URL HTTP/2 lh3.googleusercontent.com/FXSxQwO5pTg819W8o_gO2HJGDrmzdNSKpwV1n9x8LGglnDl9fopQ4ISCSP7F9-KfkfI9qPnxLS5mLN30fiVZX0w=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 881ebd21c6eaca560f202a2094ab5817
e662e69235277c1c4ceedad650ff2431ea33be92
349b154fd4af14fc08708e5ea5dd7143dd8a8be4dabd2b51c25cc2af5d7a5056
GET /FXSxQwO5pTg819W8o_gO2HJGDrmzdNSKpwV1n9x8LGglnDl9fopQ4ISCSP7F9-KfkfI9qPnxLS5mLN30fiVZX0w=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="022-file folder.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 7550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89d57527c89c079687a9c8d685a47aaf
20170b647d294dd023bd1d0c2a554afc77d4caff
442332478ef19f8bb4814a12730e0066804f4709bbc282676d101e9c40c8ea45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 14:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh6.googleusercontent.com/zRZRhrRTdAOHrpKNq08WUPD_o5Kf9qjqdRt5GnvUaOZ3RE_RPsC9vURyUdUgLD_Y07xVGhHWG3y1UMe7hpbkiOE=w1280
216.58.211.1200 OK 7.1 kB URL HTTP/2 lh6.googleusercontent.com/zRZRhrRTdAOHrpKNq08WUPD_o5Kf9qjqdRt5GnvUaOZ3RE_RPsC9vURyUdUgLD_Y07xVGhHWG3y1UMe7hpbkiOE=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 0beaca9a78f8f6eee50e7b3af3d3d540
acc1e9bd1daacf2ffb40fe57c6f3f439b54ff1cc
8d7624abd8ff98b8b8280d5fdaf4ae52ad51afb6eed2d5c65ce5678863e386a1
GET /zRZRhrRTdAOHrpKNq08WUPD_o5Kf9qjqdRt5GnvUaOZ3RE_RPsC9vURyUdUgLD_Y07xVGhHWG3y1UMe7hpbkiOE=w1280 HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="045-scroll.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 7131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/FizkKzrc9fLB27UFHo8L1TQFoQLx_MoPWnpQ52i1bQ89MrFEKdgljflQJT7ZwlHasEwT7h7XBWrxPGxDIBU9dL4=w1280
216.58.211.1200 OK 15 kB URL HTTP/2 lh5.googleusercontent.com/FizkKzrc9fLB27UFHo8L1TQFoQLx_MoPWnpQ52i1bQ89MrFEKdgljflQJT7ZwlHasEwT7h7XBWrxPGxDIBU9dL4=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash f1ab27f3dbd7390874883f7fb7803377
4141fea54a4a66e47eaac292eb1dc19950687b8a
aa3f4de2477bfb8f3340af5deec26775b29ae7b791bb1b27537a1d02bf3419ea
GET /FizkKzrc9fLB27UFHo8L1TQFoQLx_MoPWnpQ52i1bQ89MrFEKdgljflQJT7ZwlHasEwT7h7XBWrxPGxDIBU9dL4=w1280 HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="025-global.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 14951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/d3aF4wion8gcywDzAMDhebUpT4T9YZilLfQCKF_VyBL5p1pl27bZs91ElISH5EsSabEK8pR-7Weo8Kn5jb2yeQ=w1280
216.58.211.1200 OK 9.7 kB URL HTTP/2 lh5.googleusercontent.com/d3aF4wion8gcywDzAMDhebUpT4T9YZilLfQCKF_VyBL5p1pl27bZs91ElISH5EsSabEK8pR-7Weo8Kn5jb2yeQ=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 21cb0774d10c1497131a55c208a9c0a1
94566a69153afd0eefceebb9711c0fa73e8d12a7
fe12fae4b8b080fc733f2199a97ce81df9cfb6dd85597401030d64e2526705dd
GET /d3aF4wion8gcywDzAMDhebUpT4T9YZilLfQCKF_VyBL5p1pl27bZs91ElISH5EsSabEK8pR-7Weo8Kn5jb2yeQ=w1280 HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="024-book.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 9663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/sbGqCROXXI5oAQBndXNQEcGXBQhiBJ3aeqi2lxcQe1s_0A0_DjfLLwKNxRy__snb0s3FOMBOOmJC7Cj-jcypGgM=w1280
216.58.211.1200 OK 8.0 kB URL HTTP/2 lh5.googleusercontent.com/sbGqCROXXI5oAQBndXNQEcGXBQhiBJ3aeqi2lxcQe1s_0A0_DjfLLwKNxRy__snb0s3FOMBOOmJC7Cj-jcypGgM=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash c51472c69ce15b8d6c5bdc540390d618
f5020f477daab7183c6e4d6992953417dd6ee07d
06fa30435f34a2e46b77f32a960c8610b85a04d2f485e4deeb32c41b4ac2684c
GET /sbGqCROXXI5oAQBndXNQEcGXBQhiBJ3aeqi2lxcQe1s_0A0_DjfLLwKNxRy__snb0s3FOMBOOmJC7Cj-jcypGgM=w1280 HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="020-exam.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 8007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/jfzrUCh1WWk3CzS24CAVW_RejwyUPwvuZ916ZGAeHFPYpWAi4hFJfVWfuASwVMmXIsHf5tPCUARxo9TAX09UWA=w1280
216.58.211.1200 OK 21 kB URL HTTP/2 lh5.googleusercontent.com/jfzrUCh1WWk3CzS24CAVW_RejwyUPwvuZ916ZGAeHFPYpWAi4hFJfVWfuASwVMmXIsHf5tPCUARxo9TAX09UWA=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e0b319e78c67aca76c5485a2ea84f25
17fa257d6bcd341f321044c6d2bcee03a4d7abc1
481679e617bada75fc2cd962010425e5044e1d43e55497b52d3bcf0f6d9dd575
GET /jfzrUCh1WWk3CzS24CAVW_RejwyUPwvuZ916ZGAeHFPYpWAi4hFJfVWfuASwVMmXIsHf5tPCUARxo9TAX09UWA=w1280 HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="listening.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 21342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh4.googleusercontent.com/H0QmQf5xYMQPB8LDCNw2fEokqp21eOs5VC7fGddkB8zpv5bEr2oX7Qpw3UjctzmGasjsBRcyMkyQQ92DXHuunOU=w1280
216.58.211.1200 OK 7.9 kB URL HTTP/2 lh4.googleusercontent.com/H0QmQf5xYMQPB8LDCNw2fEokqp21eOs5VC7fGddkB8zpv5bEr2oX7Qpw3UjctzmGasjsBRcyMkyQQ92DXHuunOU=w1280
IP 216.58.211.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c6e93076681f7ff6a91ae62e8e6eefe
1d1abe0153dd182f5bd9e06dc126542e26d33b1c
951e8b1e9219d39af2179ec8e4080b9ccaf9c17cf0a61d073f3bb37f46cb6333
GET /H0QmQf5xYMQPB8LDCNw2fEokqp21eOs5VC7fGddkB8zpv5bEr2oX7Qpw3UjctzmGasjsBRcyMkyQQ92DXHuunOU=w1280 HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="034-online learning.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 7902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8659
Expires: Sat, 18 Mar 2023 16:52:29 GMT
Date: Sat, 18 Mar 2023 14:28:10 GMT
Connection: keep-alive
lh6.googleusercontent.com/gm8MH81jTAqeddQBfC140gYtvd_LSqaMXWxk2fQbfHq1oI6rEa9MD5rKrnFLLPoPHYMtglGjVI065CoTxTzlJv8Z7J3w9z6scfL5QGKH7-n3p1rVUVpFuDNshXjGYoN1Zg=w1280
216.58.211.1200 OK 390 kB URL HTTP/2 lh6.googleusercontent.com/gm8MH81jTAqeddQBfC140gYtvd_LSqaMXWxk2fQbfHq1oI6rEa9MD5rKrnFLLPoPHYMtglGjVI065CoTxTzlJv8Z7J3w9z6scfL5QGKH7-n3p1rVUVpFuDNshXjGYoN1Zg=w1280
IP 216.58.211.1:0
File type PNG image data, 503 x 596, 8-bit/color RGB, non-interlaced\012- data
Size 390 kB (389674 bytes)
Hash 1a4d6a37806e704a1023d1fb232e013b
9f8986f030f79f362aa14b87c293d7dee264e8e6
d3a44498238c207c04c60887fe7a4e634c796e127628249f6bab105ee5390239
GET /gm8MH81jTAqeddQBfC140gYtvd_LSqaMXWxk2fQbfHq1oI6rEa9MD5rKrnFLLPoPHYMtglGjVI065CoTxTzlJv8Z7J3w9z6scfL5QGKH7-n3p1rVUVpFuDNshXjGYoN1Zg=w1280 HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:10 GMT
server: fife
content-length: 389674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd477c41-ec4b-4410-9c2a-271787375125.webp
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd477c41-ec4b-4410-9c2a-271787375125.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fc355515c5bd733af9a846700aa7d2
c923bcfca532c6addd909788f5f4ea111a9b0d76
4c31fc1068285b85cb2bf3d40f8626500e77dfef17e568fdd695624d36d39fc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd477c41-ec4b-4410-9c2a-271787375125.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3403
x-amzn-requestid: a6808ed6-c83c-456b-9e35-1660c603b358
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFWOoAMF4eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-2f9c25887c8338b25024bd01;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CVW02FEm5UVWZnX1UtA1th2telwfvoT6SkjMmL7TKZA5txpNeX_ZRA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 59964
etag: "c923bcfca532c6addd909788f5f4ea111a9b0d76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53bb1fb90c97461035e7f9f7f7837e
961b5fcbca5b49ca9136e74931253bb300aa1985
dad960991444a4cbd8841e5c673b0e4337bdeb8c18672b5cfadb93d4ac70e8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11673
x-amzn-requestid: 3675d2d9-47ab-4712-9511-0ad7570dd3cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFXSIAMFbhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-53c9817044fda17b212f0237;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RYqMTTPdmeDjKu7jhuuUFEn4Y420mbCQcZ8LN-vI9oBJ8LBkZEv0Ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:05:35 GMT
age: 58956
etag: "961b5fcbca5b49ca9136e74931253bb300aa1985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 04:25:40 GMT
age: 36151
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae34f2fd5c842d15f05edef4c8b71dec
7e0306e3aa1b415cf9cae33b07da9f3303216a33
a5c1d1c217f6ebae09bbcb3c7ca6261e75773fdf32c1be4fedc29695f3233bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6151
x-amzn-requestid: 3df3d28e-80d9-40ff-a524-1c8d07c5b5f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eWhHeBIAMF2pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddc3-023ab8d94bf6b98a5c0b4260;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Sf-LgGpKI-9JPfurhJ_S6vfH-mT0jEl77QDUUWeOE1jzGS6OU47QpA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 59964
etag: "7e0306e3aa1b415cf9cae33b07da9f3303216a33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, minimum point enabled, calibration: offset 0.000000, slope 1115717714480204991250653249536.000000\012- data
Hash 7c6233f649c3f84fcba3d244b3e5c35d
2820939892ab0d9b7c995043dc0f38642ac1e415
1ff87957f29a41db7bcbfcbc644cd434705b046b32e8d01467ec6b8c9f75c77b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12699
x-amzn-requestid: ebcd4e4c-f214-463e-a2c9-1392f278d6d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eSgGFOIAMFt8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dda9-5ec892ee018fe3d118df30d6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xm-KvGwI47UAZpwvXtnkLrSo18bFGJIdPrSvw3AayrUqyWVHlgbkqA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:55:54 GMT
age: 59537
etag: "2820939892ab0d9b7c995043dc0f38642ac1e415"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa364ba84-a707-4abe-b4c4-02d5e6726ed4.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa364ba84-a707-4abe-b4c4-02d5e6726ed4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9f21b4636bc8f91e6d456ae496c59ba
d7ca6a3c87043c863f1c23ff4e2062af0a2150ce
f4135a2239629fc461505652c7714515d22d99d8a1c911fdff19a590d68b10bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa364ba84-a707-4abe-b4c4-02d5e6726ed4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4230
x-amzn-requestid: a4e2dfd4-70d2-441e-bd8b-aa4b25491a3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfH7RoAMF14w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-5c886cab698814b67d7ca624;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vA7bj07jfn5xlHq61s8RRb4113bAYuP8m4bA-RSvqHLzW8VYHagIsg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:50:32 GMT
age: 59859
etag: "d7ca6a3c87043c863f1c23ff4e2062af0a2150ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lh6.googleusercontent.com/iWjNEE6jBHGx_oFDtI8JJoQL8g7WnwpqjAGoNmRbRvF7xaJ936S07VAoZ6jwquT5v2dYu8PiFHRr02W7VZkBU2U=w16383
216.58.211.1200 OK 5.9 MB URL HTTP/2 lh6.googleusercontent.com/iWjNEE6jBHGx_oFDtI8JJoQL8g7WnwpqjAGoNmRbRvF7xaJ936S07VAoZ6jwquT5v2dYu8PiFHRr02W7VZkBU2U=w16383
IP 216.58.211.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3\012- data
Size 5.9 MB (5932426 bytes)
Hash 583707976208cc031c19c435e89e22d5
eb68b710bf4bbbbf9cf8c471d3bc4aba1f80cdf0
ba68015f07e9736c5ae384136e127c2088a3555d0ec1e550fea9f255fcca6e0a
GET /iWjNEE6jBHGx_oFDtI8JJoQL8g7WnwpqjAGoNmRbRvF7xaJ936S07VAoZ6jwquT5v2dYu8PiFHRr02W7VZkBU2U=w16383 HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="EmbeddedImage.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:11 GMT
server: fife
content-length: 5932426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/ajNk6oPFuW4xV5K9KhtNybrXI9QYrND_nz-Y8HlvHn1Wt75zsL0d_EwzmBGE6Azx7Dfc4OPtGPjlQjyMa_bkRgE=w1280
216.58.211.1200 OK 347 kB URL HTTP/2 lh3.googleusercontent.com/ajNk6oPFuW4xV5K9KhtNybrXI9QYrND_nz-Y8HlvHn1Wt75zsL0d_EwzmBGE6Azx7Dfc4OPtGPjlQjyMa_bkRgE=w1280
IP 216.58.211.1:0
File type PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 347 kB (346747 bytes)
Hash 7fb0f9e21713b5e250ea1aee5c50a27f
b456a86cc4696d5ada7117076238fcb807250c84
d152847f408d1e53e7694065466546142f90f79e7432af43ef6f6c31c0e9f37a
GET /ajNk6oPFuW4xV5K9KhtNybrXI9QYrND_nz-Y8HlvHn1Wt75zsL0d_EwzmBGE6Azx7Dfc4OPtGPjlQjyMa_bkRgE=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 19 Mar 2023 14:28:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ 2.png";filename*=UTF-8''%D0%BB%D0%BE%D0%B3%D0%BE%202.png
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 14:28:11 GMT
server: fife
content-length: 346747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-PRVQHGHZFQ>m=45je33f0&_p=1423987941&gdid=dZWRiYj&cid=1103246916.1679149690&ul=en-us&sr=1280x1024&_s=1&sid=1679149690&sct=1&seg=0&dl=https%3A%2F%2Fwww.students-help.ga%2F&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%2C%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8.%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%3A%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B8%2C%20%D1%8D%D1%81%D1%81%D1%8D%2C%20%D1%80%D1%84%D0%B5%D0%B5%D1%80%D0%B0%D1%82%D1%8B%2C%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B4%D1%8B%2C%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BA%D1%80%D0%B8%D0%B1%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%A1%D0%A0%D0%A1.%20Students-help.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-PRVQHGHZFQ>m=45je33f0&_p=1423987941&gdid=dZWRiYj&cid=1103246916.1679149690&ul=en-us&sr=1280x1024&_s=1&sid=1679149690&sct=1&seg=0&dl=https%3A%2F%2Fwww.students-help.ga%2F&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%2C%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8.%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%3A%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B8%2C%20%D1%8D%D1%81%D1%81%D1%8D%2C%20%D1%80%D1%84%D0%B5%D0%B5%D1%80%D0%B0%D1%82%D1%8B%2C%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B4%D1%8B%2C%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BA%D1%80%D0%B8%D0%B1%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%A1%D0%A0%D0%A1.%20Students-help.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PRVQHGHZFQ>m=45je33f0&_p=1423987941&gdid=dZWRiYj&cid=1103246916.1679149690&ul=en-us&sr=1280x1024&_s=1&sid=1679149690&sct=1&seg=0&dl=https%3A%2F%2Fwww.students-help.ga%2F&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%2C%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8.%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%3A%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B8%2C%20%D1%8D%D1%81%D1%81%D1%8D%2C%20%D1%80%D1%84%D0%B5%D0%B5%D1%80%D0%B0%D1%82%D1%8B%2C%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B4%D1%8B%2C%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BA%D1%80%D0%B8%D0%B1%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%A1%D0%A0%D0%A1.%20Students-help.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Origin: https://www.students-help.ga
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.students-help.ga
date: Sat, 18 Mar 2023 14:28:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 47248bf32bb39062529b90f37bdc2d53
ff312abc314ce8a46ee923946d8765064f84107e
35477404bc46daaf9b65115be0f30bea15a7a4d5a5ab849edca4f30d66524065
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 14:28:11 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 22 Mar 2023 10:41:16 GMT
ETag: "ff312abc314ce8a46ee923946d8765064f84107e"
Last-Modified: Sat, 18 Mar 2023 10:41:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1590
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a9e292478aeb4fa-OSL
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 6a599c9bd605553d6e8ea26b240017e5
ce6de2eaa815569841f1b16de3de7aa841ac7e88
8ee4a7bf51b198d826a7320c21965e73d95fd1642d9071a1a840e566ee9303de
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://810463162-atari-embeds.googleusercontent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73790
date: Sat, 18 Mar 2023 14:28:11 GMT
access-control-allow-origin: *
etag: "6412d54e-1203e"
expires: Sat, 18 Mar 2023 15:28:11 GMT
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://810463162-atari-embeds.googleusercontent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 18 Mar 2023 14:28:11 GMT
access-control-allow-origin: *
etag: "6412d54e-2b"
expires: Sat, 18 Mar 2023 15:28:11 GMT
accept-ranges: bytes
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.students-help.ga/_/view/logImpressions?authuser=0
142.250.74.147200 OK 449 B URL HTTP/2 www.students-help.ga/_/view/logImpressions?authuser=0
IP 142.250.74.147:0
Hash 99a781fc139f8a0660133e7435d7e9cc
b6e0a7ba0fb3bf09ae10e5890e0990d91ac19063
07d14168c1fd228352874d8f02c4675e224a42db5a7b9e15a1dd8715c0d8256d
POST /_/view/logImpressions?authuser=0 HTTP/1.1
Host: www.students-help.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 12593
Origin: https://www.students-help.ga
Connection: keep-alive
Cookie: _ga_PRVQHGHZFQ=GS1.1.1679149690.1.0.1679149690.0.0.0; _ga=GA1.1.1103246916.1679149690
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Mar 2023 14:28:13 GMT
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
www.students-help.ga/
142.250.74.147200 OK 0 B IP 142.250.74.147:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: www.students-help.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Mar 2023 14:28:09 GMT
cross-origin-opener-policy: unsafe-none
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'nonce-i2krsLh04ULCU99uHBQQWQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%2C700%7CDroid%20Sans%3A400%2C700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%2C700%7CDroid%20Sans%3A400%2C700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto%20Slab%3A300%2C400%2C700%7CDroid%20Sans%3A400%2C700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 14:28:09 GMT
date: Sat, 18 Mar 2023 14:28:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 14:28:09 GMT
date: Sat, 18 Mar 2023 14:28:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT%20Sans%3Ai%2Cbi%2C700%2C400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT%20Sans%3Ai%2Cbi%2C700%2C400&display=swap
IP 142.250.74.106:0
GET /css?family=PT%20Sans%3Ai%2Cbi%2C700%2C400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.students-help.ga/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 14:28:09 GMT
date: Sat, 18 Mar 2023 14:28:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2