study-assistantph.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: study-assistantph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 16:38:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 17:38:25 GMT
Location: https://study-assistantph.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2p1K2G03FNvtsJAW6hixzoH50ug4fsnJc5cwuyuOA6MpRxWwjqY4dRdg9J04HQ3faVHfCJD3Utn65b%2FwMK8tfAtPLWP8qofyzyhmVbosqpdTPSS5kC8cjvrqqiJIQyoGYBUqd6fgQc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753ede46d8670b39-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: Go9kHF8hNhaXDoIPbATt13TpH8SeMkFrVysETQO9wbsTkg2cj-FHMA==
Age: 2114
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5316
Expires: Sun, 02 Oct 2022 18:07:01 GMT
Date: Sun, 02 Oct 2022 16:38:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: maxxIBdB69BNDuVHutn-5aPR5cm--daGbUq3jLfQj4asi6hiYPQr0g==
age: 47109
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f45db70971ccee128e91017f4b2857a8
9abd81a557dda94ebd37991c17fec6ad6824cf18
3aaf63af0dbf7178f56c363eb23d5d0377e5001ae26cd79c9e15c7e800c96e54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AAF63AF0DBF7178F56C363EB23D5D0377E5001AE26CD79C9E15C7E800C96E54"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3372
Expires: Sun, 02 Oct 2022 17:34:37 GMT
Date: Sun, 02 Oct 2022 16:38:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05dd0c20371cbf97c9a78370cafe6ce6
3a4fa80c974c416f2e14e92d7bd8806dc59dd6b9
389ea7c1f6f4425be6cf252036da9747c7e7f39a8020a4eaf81aab7f2f4d67b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "389EA7C1F6F4425BE6CF252036DA9747C7E7F39A8020A4EAF81AAB7F2F4D67B1"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18273
Expires: Sun, 02 Oct 2022 21:42:58 GMT
Date: Sun, 02 Oct 2022 16:38:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55573632eadb9276d486f5815c2bb4f8
349ed4ea21af1011187777531d2fc45334c367cc
f097eb26ae9f2b09c3758350f043d0252a524d20a8eef8450c8994d769a03350
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F097EB26AE9F2B09C3758350F043D0252A524D20A8EEF8450C8994D769A03350"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3961
Expires: Sun, 02 Oct 2022 17:44:26 GMT
Date: Sun, 02 Oct 2022 16:38:25 GMT
Connection: keep-alive
loulouly.net/zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3=
200 OK 758 B URL HTTP/2 loulouly.net/zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 35d92b5d2052d00687b0de0ce3437c71
ddade391e18342b326efdce9712c310a23a0a91a
78152fe7e8ba4c6727d4bfa45b0374a29abf508bcdafbbcf1430fa1fe5383057
GET /zone?pub=0&zone_id=3914651&is_mobile=false&domain=study-assistantph.com&var=&ymid=&var_3= HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 7423d8d577e500f0c013f340d4285a4c
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 16:32:56 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 16:54:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bfad1bfbe8b9892941877774853e07da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ovwDkdn_7Hjhq2cEQ9AGg5M0_Y1dTMcE5MQxiIt_tTZoxEQvELYgkw==
Age: 332
cdn.dmtgvn.com/wrapper/js/dynamic-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
200 OK 1.8 kB URL HTTP/2 cdn.dmtgvn.com/wrapper/js/dynamic-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (4487), with no line terminators
Hash 98f80f65023d469e98fa48b4da1742d1
5a351b2e597179dfc96bf8b9e22d4ca9b05b810a
6e7195b24987f1c27eeb9067d0b3189f244b4da39746035914138e104ba41108
GET /wrapper/js/dynamic-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-30T17:26:01+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5371
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:26 GMT
Last-Modified: Sun, 02 Oct 2022 15:08:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
loulouly.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 379
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d18fa18bb14554e2b215716bde27f2d1
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3f221772ec0c9958b2c88cae5babcd0b
dc78dc227b42d1d4967d64c81374693440bf3f4f
037c8d5c260b070d810b31fd5d9db67c9aa44f3e103ec170cbd7234210555ba1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 18:25:21 GMT
Expires: Thu, 06 Oct 2022 18:25:20 GMT
Etag: "dc78dc227b42d1d4967d64c81374693440bf3f4f"
Cache-Control: max-age=351413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753ede4d4987b503-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aac09956d05ead11e1d5a37ef9eef230
86f955247846aaae44d3ce9f2729c753a76ff9ee
fd5bb95275653829ba7bd4648e3e5a99e8ebeb6357adb52e0411d8da4b27e8fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD5BB95275653829BA7BD4648E3E5A99E8EBEB6357ADB52E0411D8DA4B27E8FC"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20983
Expires: Sun, 02 Oct 2022 22:28:09 GMT
Date: Sun, 02 Oct 2022 16:38:26 GMT
Connection: keep-alive
my.rtmark.net/gid.js
200 OK 65 B IP
File type JSON data\012- , ASCII text
Hash fa007cad225a71e935c0d4632c737c09
10a8c635cc04795f3f7b8a9f1c9c37f8efedda38
10a0c60c53c39bfaf15bee11d307682a792a9b1e015ce2219a68968a082453a9
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fe4bbd38581a45b19f830c17e460612c; expires=Mon, 02 Oct 2023 16:38:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=4493436
200 OK 968 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=4493436
IP
File type ASCII text, with very long lines (801)
Hash 6488d2d9ffca075b8108321f2b7a4d6b
a156377867fd73dd6fd736641cefe24c1cc78ea5
ff998a4f03bbd94d352c41d6a10a3da73de2c1e907e6d12657d7514663bd271a
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=4493436 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 6880dd86980a8d7ff361605df6175e34
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f5672df5744d4aafb66789bffa4f973b; expires=Mon, 02 Oct 2023 16:38:26 GMT; path=/; secure; SameSite=None
oaidts=1664728706; expires=Mon, 02 Oct 2023 16:38:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash f8081518e3d57221621e2a9a82e1e2d4
49d78923340dd0afa2d8eaadb8aa32bb14c0b6b3
aaab42de1da4de8c53295899d0b4cde36ea419c105a46baaad8a3e6a7fb7d7fa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 12:52:18 GMT
Expires: Thu, 06 Oct 2022 12:52:17 GMT
Etag: "49d78923340dd0afa2d8eaadb8aa32bb14c0b6b3"
Cache-Control: max-age=331430,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753ede4daa60b503-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 1.2 kB URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
Hash c75a2c0c11d9c532eda2d605b3121fa0
c01786fdc1abd735732c58edc24272b5e6f24d77
9fdb4c819b64e03d67d596e30af5614d6bdaa8408be53cd04b1077f2fbaf62e5
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://study-assistantph.com
Content-Length: 1518
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 02 Oct 2022 16:38:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://study-assistantph.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
eehuzaih.com/500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 eehuzaih.com/500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
loulouly.net/pfe/current/universal.min.js?v=3.1.396
200 OK 47 kB URL HTTP/2 loulouly.net/pfe/current/universal.min.js?v=3.1.396
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 98125808af7833cf1d5dffc1f871261d
0fc4525d6a296c9a936eab1f4b17544a33c7ab7d
c4eccf967e17ef0f1fb34aba633c778f932e0be2c50168260d2769932ab761c4
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
200 OK 127 kB URL HTTP/2 cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65423)
Size 127 kB (126629 bytes)
Hash d3aee769960ef08bc95ceb26861ebbc7
cb266c8554b5a2ddae91573ec58a8264d0154484
d795a0344a5d26043b9da07c6cb32495fdcbde38792448bf7938d76abf912da0
GET /wrapper/js/prebid.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-30T17:28:15+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 62446c4d2d52e4ffee0dd5d0c13a50db
6a4964759739de727ee5521a938ee58dae4dce82
f0b74f21568e91ef48066032a45073174c937b2345f8393184d75b1097edb3b8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:38:26 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 06 Oct 2022 13:08:20 GMT
ETag: "6a4964759739de727ee5521a938ee58dae4dce82"
Last-Modified: Sun, 02 Oct 2022 13:08:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2923
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753ede4f8f4ab529-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
200 OK 97 kB URL HTTP/2 offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd
GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: image/png
content-length: 96644
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-17984"
expires: Sun, 02 Oct 2022 18:11:23 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 80823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ede5028b098eb-ARN
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Sun, 02 Oct 2022 16:38:26 GMT
access-control-allow-origin: *
etag: "633583ac-11a95"
expires: Sun, 02 Oct 2022 17:38:26 GMT
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=study-assistantph.com
200 OK 88 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=study-assistantph.com
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babd7375cb8a8ba5e9049383c525d286
adcd0be5aac95f5852a98d1d095e1df83152b2f0
78ccb4f15aafeeedc6a81557cf1f4dbc1c9ff00262ae2d53e62dbaf9bba58870
GET /pagead/ppub_config?ippd=study-assistantph.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sun, 02 Oct 2022 16:38:26 GMT
expires: Sun, 02 Oct 2022 16:38:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 88
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 16:53:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
200 OK 131 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
IP
File type ASCII text, with very long lines (65439)
Size 131 kB (131011 bytes)
Hash 7899f0ee9fd803d3184f687e9e51c08a
1ecbc68dbadb9078b893c9035e1f1b02e52588d8
838e5ed28453d0b0f6f8215f1855f8b6ff977452346d4a1ffe5f0143d1f29077
GET /gpt/pubads_impl_2022092701.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 131011
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 11:27:03 GMT
expires: Sun, 01 Oct 2023 11:27:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
content-type: text/javascript
age: 105083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A957896610888%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163826%3Aet%3A1664728707%3Ac%3A1%3Arn%3A913020600%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C%2C%2C%2C525%3Ans%3A1664728704943%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728707%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A957896610888%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163826%3Aet%3A1664728707%3Ac%3A1%3Arn%3A913020600%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C%2C%2C%2C525%3Ans%3A1664728704943%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728707%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 412dc6c5703321e71a662e02b2e7d055
a74a3b686ff5ba75b864a0c59c6898dddae41d7b
dcce1c5aad84796aac9131f55fc7914d57f719bfd4c09ef1bd26967ab1cf879a
GET /watch/88477929?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A957896610888%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163826%3Aet%3A1664728707%3Ac%3A1%3Arn%3A913020600%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C%2C%2C%2C525%3Ans%3A1664728704943%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728707%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A957896610888%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163826%3Aet%3A1664728707%3Ac%3A1%3Arn%3A913020600%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C%2C%2C%2C525%3Ans%3A1664728704943%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728707%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 02 Oct 2022 16:38:26 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=5543644131664728706; Expires=Mon, 02-Oct-2023 16:38:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5543644131664728706; Expires=Mon, 02-Oct-2023 16:38:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1274612001664728706; Path=/; SameSite=None; Secure
i=q82Wc8q9on1nltnUtbUoCKH7C5S+nYVHLNw/2xG6aHCzS//Q7KlCbveKHlmjNr5e3HO7ueYr1iVnXUmimiERvXcYHM4=; Expires=Wed, 29-Sep-2032 16:38:21 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696264706.yrts.1664728706#1696264706.yrtsi.1664728706; Expires=Mon, 02-Oct-2023 16:38:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 02-Oct-2022 16:38:26 GMT
last-modified: Sun, 02-Oct-2022 16:38:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 02 Oct 2022 16:38:26 GMT
access-control-allow-origin: *
etag: "633583ac-2b"
expires: Sun, 02 Oct 2022 17:38:26 GMT
accept-ranges: bytes
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
loulouly.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 740
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bacdfc4c3ca7a5f059fc5cf01f63f907
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=study-assistantph.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:38:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=study-assistantph.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=study-assistantph.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=study-assistantph.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:38:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14834), with no line terminators
Hash a112a7dd920f2811ad72eb0b89fdd978
c5704a9272060c1322bbf09258fcefc99286f019
de0f018e3f32ffc7cd617c481ad1959cbcce7a66b0815b0d361924fadacc5827
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:38:27 GMT
server: cafe
cache-control: private
content-length: 11258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3f93a4e8e0546182abeea471654f77d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
200 OK 3.1 kB URL HTTP/2 3f93a4e8e0546182abeea471654f77d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: 3f93a4e8e0546182abeea471654f77d8.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 02 Oct 2022 16:38:27 GMT
expires: Mon, 02 Oct 2023 16:38:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb52d91ef821fa976d93510f1f1be11e
139e9f578346acfdee8276831c3fa1946fb917a0
411a9160de93abacf184321c47c19aa9bbb3cbe43b52e4e7c930fee26b3ff21f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 02 Oct 2022 16:38:27 GMT
expires: Sun, 02 Oct 2022 16:38:27 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 14:14:54 GMT
expires: Sun, 01 Oct 2023 14:14:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 95013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ac3bd9203842561ff6c0efa66a4f0c53
6e4a2cfd9c78b8f74eaed22be5d3a97e0ef4d4e6
d12d2268c2e86892041bc3c4f3a6724afc1ddafcb442d4007f32fd13ec3b9aa9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:27 GMT
Last-Modified: Sun, 02 Oct 2022 15:23:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ceb7f2392dd816131e0001a76cb54e19
6416c2a788f016ff94f0a10616e443e47890e97f
517337577ada3f7f9e3da9c42ce722b5a760721d59a0404afdb2810fe252245e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash a81001c958e637efe394f6554ef6b159
dbd40adcd10d3e308c64b85648a32eba4aca2371
689365c8363eb6b57a19f0da8708373d97dc6a1af52755ff39736e221cc5ed72
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 02 Oct 2022 16:38:27 GMT
date: Sun, 02 Oct 2022 16:38:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-0VVg4VF22tN9mqWlUUVjRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=945384f4-1d66-46be-80ba-51f09a71308f&l_pb_bid_id=48be522b74a3a4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3951054743705086
200 OK 304 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=945384f4-1d66-46be-80ba-51f09a71308f&l_pb_bid_id=48be522b74a3a4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3951054743705086
IP
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash 42b442be587e1f202a65be8f54351c9c
2dc3432aa9b16bcfede0b1480beb0f5da1497878
38cc9cdc07538dd1742ce78c301b5160c01e6efae61bfed6231f758b145eb56b
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=945384f4-1d66-46be-80ba-51f09a71308f&l_pb_bid_id=48be522b74a3a4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3951054743705086 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 02 Oct 2022 16:38:27 GMT
Content-Type: application/json
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8RKHNEM-1M-LDT8; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:27 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrtP+4AIapah+9DtVM30fCgU74j91hFNWkbZmZzZPdXaD9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:27 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ib.adnxs.com/ut/v3/prebid
200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d4a0a9cb962ee8eeca21ae0246b9a3f9
8e6e5986e6cd557ebef9c1589cc60c129a95109a
f2d58701124b07dccb0277c1728da0676df50bf8805bc66ecb94f5472b9a736a
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 611
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 16:38:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 9242ddfb-b848-44ed-b503-1dd2a4972663
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4f4acdd883bdf2851e49b264607e0ffb
6324a3f77209f41fa14aad5aab9f7542179be5f9
ac1dc5abb2f31927345656aa95571bcc423c4d3f1135fc31922bd5f713cde03e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 475
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 16:38:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 1b1eeb23-c18c-4dda-b067-58e62fd3d4b2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 65832
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 67793
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 67794
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 67790
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
200 OK 42 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
File type gzip compressed data, max speed, from Unix\012- data
Hash 4f3d82aaf19aad6bb864edf5463c0568
48c96fe076491d352021f52c5e448ed023f722e2
b8e197e65f1edcb492be07ba96f227573703a574b149b26c505af07f07dece72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 67791
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 43047
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b89ef752588ee214626799f3d0a55b36
dab0a8e6d93bb441c2008a9e34d002660b17b383
35fe207395f1ea3e404b1f96305ebe330fa9ebb13aa0983b64befad70457f4f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35FE207395F1EA3E404B1F96305EBE330FA9EBB13AA0983B64BEFAD70457F4F5"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2360
Expires: Sun, 02 Oct 2022 17:17:47 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b89ef752588ee214626799f3d0a55b36
dab0a8e6d93bb441c2008a9e34d002660b17b383
35fe207395f1ea3e404b1f96305ebe330fa9ebb13aa0983b64befad70457f4f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35FE207395F1EA3E404B1F96305EBE330FA9EBB13AA0983B64BEFAD70457F4F5"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2092
Expires: Sun, 02 Oct 2022 17:13:19 GMT
Date: Sun, 02 Oct 2022 16:38:27 GMT
Connection: keep-alive
worker.sttsmntz.ru/stats/format
200 OK 231 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP
File type JSON data\012- , ASCII text
Hash 4e03e6a375beec0a625d72c5c96624e4
2afc71920fe61435f85f6b675622195cd5eebf34
d2c372df1665c800a980edb07408337b0f8afcaa5a7819d551d7f46ddd57a5ef
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ycalb
date: Sun, 02 Oct 2022 16:38:27 GMT
content-type: application/json
content-encoding: gzip
content-length: 231
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
worker.sttsmntz.ru/stats/format
200 OK 229 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP
File type JSON data\012- , ASCII text
Hash 5dddf5ccc87a17166357dc679d40b216
254d2d0a7880a5caf0bc083a191b9d5da4a0f0e7
c11b43b554479014ec4bcdd6d7a68b797ff07cb07199171281eb572e30a5e6b8
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ycalb
date: Sun, 02 Oct 2022 16:38:27 GMT
content-type: application/json
content-encoding: gzip
content-length: 229
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash df3507dbb2b96157236041bb727a6671
597b546d95589090d1bcf594a0548e93a62190f4
2c76e78755e821f349d1e76b122115e459cf681e3797f8dd2fb291d21f06ff26
GET /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Referer: https://study-assistantph.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sun, 02 Oct 2022 16:38:27 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 02-Oct-2022 16:38:27 GMT
last-modified: Sun, 02-Oct-2022 16:38:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
eehuzaih.com/impression/wIXOUp9WGlkJ1Eu4paPvqCmpQwCsWz-NPnL6z_ZCRnD59oKcLmknl3Cua91VqDLhyTZGdlj-kgCt_CPilB7AFe-mXJ8goiu-fq_Ys4XoDzP1VC7JKnsX6IfjP04dGOUQmWU3MnlwOIjZKpoj_2n5L1rH-1fPwQw0eGCLS-gGV8PtNcAJKb_fqgHoZPtzDba70DtGSMbWEYBSVlxmxq9HqIXeS0hOB41cbH6x8frC7teL5iD0DWBQTn9AC4fEJ3XhFzgcL7HLzPN6aeiCYaVXxrVBaf3vD0iTXpEVeEJTqSPZ2bpD-XsbEswQsJbuKlCUOa4WZuXdq3_TbKCPOM7CAfAvBxjB-TUl0qro86MPY-Yo4tan4aRcqJoija8dFju-E4pGpg5aKUZynJ_Z9fKZwSfAnV8S7W9AXMeoOnZpXK7ksTO4M6k-X_KRob_iTUkAF1XclpCNqda8WI1Xng8eIRKkq_PfoCEtFNdeDqZE2Fpy88nut64yX44aS1k9ptgUAArsB7NqQdZxEPLXgAwA-JnVdp1jE_m3l1pDusURUt_tMwJ9lHjZYj2JlQvED_OTgqUFBsHMiB7r33hA0Bc-ZHXKxEEg3TuhbutdbOQ4FnM=?_z=5041469&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 eehuzaih.com/impression/wIXOUp9WGlkJ1Eu4paPvqCmpQwCsWz-NPnL6z_ZCRnD59oKcLmknl3Cua91VqDLhyTZGdlj-kgCt_CPilB7AFe-mXJ8goiu-fq_Ys4XoDzP1VC7JKnsX6IfjP04dGOUQmWU3MnlwOIjZKpoj_2n5L1rH-1fPwQw0eGCLS-gGV8PtNcAJKb_fqgHoZPtzDba70DtGSMbWEYBSVlxmxq9HqIXeS0hOB41cbH6x8frC7teL5iD0DWBQTn9AC4fEJ3XhFzgcL7HLzPN6aeiCYaVXxrVBaf3vD0iTXpEVeEJTqSPZ2bpD-XsbEswQsJbuKlCUOa4WZuXdq3_TbKCPOM7CAfAvBxjB-TUl0qro86MPY-Yo4tan4aRcqJoija8dFju-E4pGpg5aKUZynJ_Z9fKZwSfAnV8S7W9AXMeoOnZpXK7ksTO4M6k-X_KRob_iTUkAF1XclpCNqda8WI1Xng8eIRKkq_PfoCEtFNdeDqZE2Fpy88nut64yX44aS1k9ptgUAArsB7NqQdZxEPLXgAwA-JnVdp1jE_m3l1pDusURUt_tMwJ9lHjZYj2JlQvED_OTgqUFBsHMiB7r33hA0Bc-ZHXKxEEg3TuhbutdbOQ4FnM=?_z=5041469&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/wIXOUp9WGlkJ1Eu4paPvqCmpQwCsWz-NPnL6z_ZCRnD59oKcLmknl3Cua91VqDLhyTZGdlj-kgCt_CPilB7AFe-mXJ8goiu-fq_Ys4XoDzP1VC7JKnsX6IfjP04dGOUQmWU3MnlwOIjZKpoj_2n5L1rH-1fPwQw0eGCLS-gGV8PtNcAJKb_fqgHoZPtzDba70DtGSMbWEYBSVlxmxq9HqIXeS0hOB41cbH6x8frC7teL5iD0DWBQTn9AC4fEJ3XhFzgcL7HLzPN6aeiCYaVXxrVBaf3vD0iTXpEVeEJTqSPZ2bpD-XsbEswQsJbuKlCUOa4WZuXdq3_TbKCPOM7CAfAvBxjB-TUl0qro86MPY-Yo4tan4aRcqJoija8dFju-E4pGpg5aKUZynJ_Z9fKZwSfAnV8S7W9AXMeoOnZpXK7ksTO4M6k-X_KRob_iTUkAF1XclpCNqda8WI1Xng8eIRKkq_PfoCEtFNdeDqZE2Fpy88nut64yX44aS1k9ptgUAArsB7NqQdZxEPLXgAwA-JnVdp1jE_m3l1pDusURUt_tMwJ9lHjZYj2JlQvED_OTgqUFBsHMiB7r33hA0Bc-ZHXKxEEg3TuhbutdbOQ4FnM=?_z=5041469&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Cookie: OAID=fe4bbd38581a45b19f830c17e460612c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:30 GMT
content-type: image/gif
content-length: 43
x-trace-id: 2e2fc35d5956abbc144b97ea5304bc82
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
Hash 49dcb3f23a58f998f11d8c2ca1b90a68
0aee92fad52d2f03484a134901a90260af43e913
92223ea8fd1122967d4b3adaec6c401be4ab899e973ed13fb3fb90520cdefcfa
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:38:31 GMT
date: Sun, 02 Oct 2022 16:38:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 335063
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8c5b6b79667862a04af129c24b4a9851
170ae6b6859372707daaf2e46e792b959ff338b2
6bf93913502583ff1dca0adc5d9adc1b40bf90a83556ffa08042e55ffb19f45d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 611
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 16:38:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 6e5cf0e3-3048-4485-a9f8-101638406341
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=4a677d58-27e7-4577-b78d-11d34510f4a9&l_pb_bid_id=123419558a453ff8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2359854178229217
200 OK 312 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=4a677d58-27e7-4577-b78d-11d34510f4a9&l_pb_bid_id=123419558a453ff8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2359854178229217
IP
File type JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Hash c55ef285937a3db901bdb2603a28b41a
4aa13bc5efea5617b48a3c7f2f15b54c57b7d285
12121ff9f914f723af7d490bad81bc4fa8e0c200901f64c48b6cb602da94147e
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197872&size_id=15&alt_size_ids=9%2C10%2C17%2C48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=4a677d58-27e7-4577-b78d-11d34510f4a9&l_pb_bid_id=123419558a453ff8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2359854178229217 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 02 Oct 2022 16:38:32 GMT
Content-Type: application/json
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8RKHRLX-1J-6VRY; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqYSzyELgAQf+9DtVM30fCgU74j91hFNWlEe1mj+7b78j9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:32 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ib.adnxs.com/ut/v3/prebid
200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 3c71217edcbebb677d9ffc69d85856a8
0353fb76d619cd7b57ccc68829030925167076f6
3a3bf038fc26424e0f05299df05e605494e795b6ba024e7d653f48e280999382
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 477
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 16:38:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
AN-X-Request-Uuid: 9f569b13-8997-4ca0-959e-5304ee79ee27
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=c02e9be0-8fb2-4cd7-9ef4-3d7e9c554daa&l_pb_bid_id=141868ee4ed84b4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7725350239916239
200 OK 304 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=c02e9be0-8fb2-4cd7-9ef4-3d7e9c554daa&l_pb_bid_id=141868ee4ed84b4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7725350239916239
IP
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash 835be82acd36ac644384055ba1e68a5f
eb35ff31041f18355800fbf48aef560d805dec99
1473ece5d093fbc1d6b689bb515170d54d0a284e69c1c035c5abba87582b1592
GET /a/api/fastlane.json?account_id=15636&site_id=393244&zone_id=2197868&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fstudy-assistantph.com%2F&tk_flint=pbjs_lite_v6.21.1&x_source.tid=c02e9be0-8fb2-4cd7-9ef4-3d7e9c554daa&l_pb_bid_id=141868ee4ed84b4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7725350239916239 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sun, 02 Oct 2022 16:38:32 GMT
Content-Type: application/json
Content-Length: 304
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://study-assistantph.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8RKHROF-1A-4AGV; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qq0/auWqJMKau9DtVM30fCgU74j91hFNWlEe1mj+7b78j9zvlSxEea9VeuKsLvX3bPAUJ+gL7gixUujLKVOyBtu/R7Fz5/Qhm0=; Domain=.rubiconproject.com; Path=/; Expires=Mon, 02-Oct-2023 16:38:32 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
worker.sttsmntz.ru/stats/format
200 OK 232 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP
File type JSON data\012- , ASCII text
Hash 1a01c6352b147510e897eb91aa5e0fd3
d9d4b38d2e23657967330227531a7b549eae7256
f07b453a88c1c17d0c5a3064cbb500ee20dad3bfbbbc3cb3f7321377104f11e7
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ycalb
date: Sun, 02 Oct 2022 16:38:32 GMT
content-type: application/json
content-encoding: gzip
content-length: 232
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
worker.sttsmntz.ru/stats/format
200 OK 230 B URL HTTP/2 worker.sttsmntz.ru/stats/format
IP
File type JSON data\012- , ASCII text
Hash 53f1b39e4f6e8b51ba5b59cb9074eae2
f71bcb1fa22dfda7ef9e0ba5271012a21ca5916e
e154390b476de96d98e17e38472ea9195c70226c06c875297ee5563258acd271
POST /stats/format HTTP/1.1
Host: worker.sttsmntz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 223
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ycalb
date: Sun, 02 Oct 2022 16:38:32 GMT
content-type: application/json
content-encoding: gzip
content-length: 230
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=60f9a2e2165b41108634b23fd34632ec&zoneId=3914651&checkDuplicate=true&ymid=&var=
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=60f9a2e2165b41108634b23fd34632ec&zoneId=3914651&checkDuplicate=true&ymid=&var=
IP
File type JSON data\012- , ASCII text
Hash fa007cad225a71e935c0d4632c737c09
10a8c635cc04795f3f7b8a9f1c9c37f8efedda38
10a0c60c53c39bfaf15bee11d307682a792a9b1e015ce2219a68968a082453a9
GET /gid.js?pub=0&userId=60f9a2e2165b41108634b23fd34632ec&zoneId=3914651&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Cookie: ID=fe4bbd38581a45b19f830c17e460612c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://study-assistantph.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fe4bbd38581a45b19f830c17e460612c; expires=Mon, 02 Oct 2023 16:38:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
loulouly.net/custom
200 OK 39 B IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Content-Type: application/json
Origin: https://study-assistantph.com
Content-Length: 387
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:34 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: af7b317bd3208d4a95baaa85fe609473
access-control-allow-origin: https://study-assistantph.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
study-assistantph.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: study-assistantph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Mon, 03 Oct 2022 14:20:59 GMT
cf-cache-status: HIT
age: 8246
last-modified: Sun, 02 Oct 2022 14:20:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juEpCwMlP%2FpzIiDRTXiitNmJABCGwDa6Z%2FRIZGD5yqnSWtQ2uhe%2BpNtc87vA2XrAZhNHlsTQBoRObXPzNVcmasQJOPAv2v4%2Bq%2Bd1%2F8H1ALVgh90oTUw5XoNp2QISDZdedYXRb6MNicQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ede488cbcb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
loulouly.net/pfe/current/tag.min.js?z=3914651
200 OK 0 B URL HTTP/2 loulouly.net/pfe/current/tag.min.js?z=3914651
IP
GET /pfe/current/tag.min.js?z=3914651 HTTP/1.1
Host: loulouly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
IP
ASN #199524 G-Core Labs S.A.
GET /wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: STALE
x-cached-since: 2022-10-02T16:28:03+00:00
x-id: sto5-up-gc14
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5
IP
ASN #199524 G-Core Labs S.A.
GET /wrapper/js/common-engine.js?v=s-f85104db-c6b5-4c08-9bea-34c6ced319b5 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-30T17:25:58+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/71915284?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71915284/1?wmode=7&page-url=https%3A%2F%2Fstudy-assistantph.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A486%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A583358946784%3Ahid%3A541005906%3Az%3A0%3Ai%3A20221002163827%3Aet%3A1664728708%3Ac%3A1%3Arn%3A125741208%3Arqn%3A1%3Au%3A16647287077353055%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C10%2C4%2C284%2C0%2C%2C180%2C1%2C1849%2C1849%2C1%2C525%3Aeu%3A1%3Ans%3A1664728704943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664728708%3At%3Ae-Education%20for%20the%20Filipino&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 02 Oct 2022 16:38:27 GMT
access-control-allow-origin: https://study-assistantph.com
set-cookie: yandexuid=7605046851664728707; Expires=Mon, 02-Oct-2023 16:38:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7605046851664728707; Expires=Mon, 02-Oct-2023 16:38:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1269990011664728707; Path=/; SameSite=None; Secure
i=knQbuQ0tunmYtZMDK7KC+zmUA3v+jA+9dVnmktKRXgHoa64jP/sKH49+UKoqkZh5BelwWHDOXR1BOTUQVyuhpD2k8Dg=; Expires=Wed, 29-Sep-2032 16:38:25 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696264707.yrts.1664728707#1696264707.yrtsi.1664728707; Expires=Mon, 02-Oct-2023 16:38:27 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 02-Oct-2022 16:38:27 GMT
last-modified: Sun, 02-Oct-2022 16:38:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2806
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYYE6frEwxNUwXioh48kbGalXeAeM4s4Dg6wmcqiwOCSZcjqsmnDnLhWsRXT3amqv03Pf15CxkiD8NyuL0RzGg%2BAkemtbMb7oZ9F%2Fu4vs0oLG6%2FiRmxYViay2fmkng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ede4b58d2fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dmtgvn.com/wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-f85104db-c6b5-4c08-9bea-34c6ced319b5
200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-f85104db-c6b5-4c08-9bea-34c6ced319b5
IP
ASN #199524 G-Core Labs S.A.
GET /wrapper-builder/eb107cdf-35a2-42a1-9d1c-f92094e2e026/dynamic.js?host=study-assistantph.com&v=d-1661183947__s-f85104db-c6b5-4c08-9bea-34c6ced319b5 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://study-assistantph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:25 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc14
X-Firefox-Spdy: h2
cdn.dmtgvn.com/kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
200 OK 0 B URL HTTP/2 cdn.dmtgvn.com/kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
IP
ASN #199524 G-Core Labs S.A.
GET /kv-api/v1/get-value?&keyValues[][roxotHost]=study-assistantph.com&pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026 HTTP/1.1
Host: cdn.dmtgvn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://study-assistantph.com/
Origin: https://study-assistantph.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/json
cache-control: max-age=600, public, s-maxage=600
access-control-allow-origin: *
content-encoding: gzip
cache: MISS
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
eehuzaih.com/500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 eehuzaih.com/500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5041469?excludes=&oaid=fe4bbd38581a45b19f830c17e460612c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fstudy-assistantph.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://study-assistantph.com
Connection: keep-alive
Referer: https://study-assistantph.com/
Cookie: OAID=3147d644ee9d4dc28e368ef0995f9044
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:38:26 GMT
content-type: application/javascript
x-trace-id: ee27adb6d7b04168e8d653bc98bfbcb1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://study-assistantph.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fe4bbd38581a45b19f830c17e460612c; expires=Mon, 02 Oct 2023 16:38:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.157.190
92.223.97.97
139.45.195.254
104.22.33.172
185.89.211.12
158.160.4.42
23.36.76.226
87.250.251.119