thraindettery.com/cd145c76-9954-4467-b63f-61105ece8a5e
35.157.49.161302 0 B URL HTTP/1.1 thraindettery.com/cd145c76-9954-4467-b63f-61105ece8a5e
IP 35.157.49.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cd145c76-9954-4467-b63f-61105ece8a5e HTTP/1.1
Host: thraindettery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sun, 15 Jan 2023 07:57:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_wmmgrs7fbqmdqntligqr2j5m&sub2=v
Pragma: no-cache
Set-Cookie: cd145c76-9954-4467-b63f-61105ece8a5e-v4=hXbehBrtPRwPdim24FZh8E7mD_Wa2ONDR6-ei647-5Q; Max-Age=86400; Expires=Mon, 16-Jan-2023 07:57:37 GMT; Domain=thraindettery.com; Path=/; HttpOnly
cc-v4=HvdqV6MDEUw9GfMk4htqGlZQAUJ9GH0eDV5lpqYPXkYKtr9QjtEuT3BQ0KJknzxBPGgXBTZdZwMpJqHLExHrZspdmpOVqFjZBiI8gxn8Dph4IoQJSdCWohgdOUHZ8DYRXJVH%2FU4R9PQdOM46jkRspg%3D%3D; Max-Age=31536000; Expires=Mon, 15-Jan-2024 07:57:37 GMT; Domain=thraindettery.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6069
Expires: Sun, 15 Jan 2023 09:38:46 GMT
Date: Sun, 15 Jan 2023 07:57:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9884
Expires: Sun, 15 Jan 2023 10:42:21 GMT
Date: Sun, 15 Jan 2023 07:57:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 07:48:59 GMT
content-type: application/json
age: 518
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20782
Expires: Sun, 15 Jan 2023 13:43:59 GMT
Date: Sun, 15 Jan 2023 07:57:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: weAJLd2zCdcWLxW1wXXxxu7HrC4IoGYLuZaufjg8JNFE45K7zAD47x5eRrqpOn37jy7MU6NeUt4=
x-amz-request-id: 5102SC0DPG3RK1WG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 07:44:04 GMT
age: 813
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 07:17:25 GMT
age: 2412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d5c8b4c9e6ee5bf10c042ef2fd25f0a9
37727ee5d75961cee33fb4c9af50827d44762732
27f4c2ccdbde6f19921a983bc73aa6c4063eb1910c7bc3c00628d39b6a6a0562
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 16:22:32 GMT
Expires: Thu, 19 Jan 2023 16:22:31 GMT
Etag: "37727ee5d75961cee33fb4c9af50827d44762732"
Cache-Control: max-age=375293,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fc6be11b523-OSL
track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_wmmgrs7fbqmdqntligqr2j5m&sub2=v
34.90.63.227302 Found 0 B URL HTTP/2 track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_wmmgrs7fbqmdqntligqr2j5m&sub2=v
IP 34.90.63.227:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=4&offer_id=75&sub1=_v_wmmgrs7fbqmdqntligqr2j5m&sub2=v HTTP/1.1
Host: track.leadbazaar.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 15 Jan 2023 07:57:37 GMT
content-length: 0
location: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63c3b1f19353aa0001be707c; expires=Mon, 15 Jan 2024 07:57:37 GMT; secure; SameSite=None
afoffers={"75":1673769457}; expires=Mon, 15 Jan 2024 07:57:37 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 790
Cache-Control: max-age=91339
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:38 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 09:19:57 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SzBtExtp5GLXRmkDlpF1Nw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZyNgNrF1wik//ALe65C2tYvZKJ4=
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 94b14418ee2fdc91beec2a26dfa6ed3c
b61716a7ef2d97d92eed7e13cfa0c3a1083923c2
5c61e43c08eb7f830889a568bf044937325fcfcaaaf90edd4626eac3a9371cd0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 15:23:03 GMT
Expires: Thu, 19 Jan 2023 15:23:02 GMT
Etag: "b61716a7ef2d97d92eed7e13cfa0c3a1083923c2"
Cache-Control: max-age=371723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fcc8b40b523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd148d0b527-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd14b1ab50f-OSL
cdn.crezu.net/wp_js/dist/common.js
35.201.76.189200 OK 49 kB URL HTTP/2 cdn.crezu.net/wp_js/dist/common.js
IP 35.201.76.189:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65324), with no line terminators
Hash 9825b8b6a336ccf1ae4ec36309be0f27
062092881f74bffffffc167e11559423b574d6e6
29368b74b236c92ed1e92f274945385e3d97c6c9f81a3537d362b6afd68cf881
GET /wp_js/dist/common.js HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 48774
date: Thu, 12 Jan 2023 18:36:42 GMT
expires: Thu, 19 Jan 2023 18:36:42 GMT
cache-control: max-age=604800,public
age: 220857
last-modified: Wed, 04 Jan 2023 15:00:28 GMT
etag: W/"63b5948c-23e60"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.crezu.net/wp_styles/dist/page-index-v2.css
35.201.76.189200 OK 5.1 kB URL HTTP/2 cdn.crezu.net/wp_styles/dist/page-index-v2.css
IP 35.201.76.189:0
File type ASCII text, with very long lines (24326)
Hash d28020c27996b89c4d00115e91a53b63
8d4b06d3fdf484a9b60e47f494abba7b2e74c3bf
2ef68a919a967578c3a7c09b54768a215c0070446c3cd26fa8dd7dad60475f47
GET /wp_styles/dist/page-index-v2.css HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 5138
date: Thu, 12 Jan 2023 23:11:38 GMT
expires: Thu, 19 Jan 2023 23:11:38 GMT
cache-control: max-age=604800,public
age: 204361
last-modified: Mon, 03 May 2021 08:11:19 GMT
etag: W/"608fb027-5f07"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W3J6MDZ
142.250.74.168200 OK 49 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W3J6MDZ
IP 142.250.74.168:0
File type ASCII text, with very long lines (17088)
Hash b1eab31f344a9457902c66e95c85ae28
0ea3db397299607ae16b038104d876ba1b5eaba4
3014fa7906b2baa0e203699b44ee3851abcc138214c3fc5175c65d897d617f92
GET /gtm.js?id=GTM-W3J6MDZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 07:57:39 GMT
expires: Sun, 15 Jan 2023 07:57:39 GMT
cache-control: private, max-age=900
last-modified: Sun, 15 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd1f971b527-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13191
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 07:57:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13191
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 07:57:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b6c3a2c1-b88e-4eb9-9c22-788748559fea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISXEQ9oAMFbkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320db-0a9f9ac1084e4f02006598cf;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a8kL20Yet_IuO2ZztlKmenTGOFa4BCYHi2B-4B1W1eq5-tCqGK3isg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:35 GMT
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
age: 37144
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a1c6332b225de08d58bb9cb44f09917
c0d28fb2b2fd6d55cb4c0831a3a08b95b3f7455c
4716dff7ee5c34d5e4ab214571a03b60026d7a69b25cb838f8b6a1fb01f44f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: aee3b367-d5d1-46da-9aa3-89a6c8d4cab1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ertWFHw8oAMF76A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c15c26-2b00da01705c5717434ac1d3;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 13:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lajUfG_N7T3COcN8a94Oa8CRpKnVF4iPRI8ok9sy1hZLFM8EMwScTw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 08:55:03 GMT
age: 82956
etag: "c0d28fb2b2fd6d55cb4c0831a3a08b95b3f7455c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:32:33 GMT
age: 8706
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D6FaDcaWbJehldBR7ASM60ey56hQS1H4ZpLlGqI-ptDupfJT-iugfw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:58:31 GMT
age: 7148
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927ee28f-9aec-4d89-8259-12f92fbf3721.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927ee28f-9aec-4d89-8259-12f92fbf3721.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77932ead94678aa07bcdd5be1f650874
587748be0e1b6af22161f57c5fb2565d95765b72
c3a75f6aee8677c4c583813c04c1acbc3c8737b18497c744a95ac70b964dbcb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927ee28f-9aec-4d89-8259-12f92fbf3721.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9617
x-amzn-requestid: 9c8e3832-3900-4b51-aa9c-79cb6a2e5548
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emxYqGJboAMF2GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf629d-0030cadd5e1ea7bb43600827;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 01:30:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X8PX2Zmq1om0jyeet6Pot2rYCV2PIZaIJN2N4ejlxQ7pHjigw94n4Q==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:53:33 GMT
age: 36246
etag: "587748be0e1b6af22161f57c5fb2565d95765b72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kXpAcGM2UzmXWcbf7AJhy_J3Ssq-vWbcHErGAme2fThP9xa72SOPpA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 09:13:30 GMT
age: 81849
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd14f6ab523-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd15ed1b517-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=588758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0fd15e33b4f4-OSL
crezu.ph/wp-content/uploads/2020/11/i-how_1.svg
104.199.174.226200 OK 2.2 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-how_1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash bbe992081ceda3e870acabe83945a340
0a891f1a3a76352fea55337cb974656951d96890
5574592f776e6cbb5806d263e9a2bde2b647d55a1c1ed6bdf0ea9b506278589c
GET /wp-content/uploads/2020/11/i-how_1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 2195
last-modified: Wed, 18 Nov 2020 04:49:03 GMT
etag: "5fb4a7bf-893"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-steps_2.svg
104.199.174.226200 OK 1.6 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-steps_2.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash f7a8477518d8fd72896710dbf209262a
b55239fa703e1a299b32c20a59a499b802331c28
f25c0f7c8ec83cc5628193eaad246011c3652aa19fc63d02a2d262a43e4c82cb
GET /wp-content/uploads/2020/11/i-steps_2.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 1624
last-modified: Wed, 18 Nov 2020 04:49:49 GMT
etag: "5fb4a7ed-658"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-steps_3.svg
104.199.174.226200 OK 1.8 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-steps_3.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash 1379159a5f6b23ad0dea0dbfb6f5a0e3
032b9a162bf67cba67713228d705483e3527ce7f
f18dc7c59350327089910d76da9566164f9bba7998d13640ee83bd944e4320db
GET /wp-content/uploads/2020/11/i-steps_3.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 1783
last-modified: Wed, 18 Nov 2020 04:51:59 GMT
etag: "5fb4a86f-6f7"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_1_green-1.svg
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_1_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1538), with no line terminators
Hash 9dbaec4201c0e998c133732880dc0864
86c02e16974297cd1bd5d45c5e1ac66ddc3dee29
cb3e8e4859093e89b1d21d1576906fd4d6c6a751751bfe043b8638dc7753be14
GET /wp-content/uploads/2020/11/i-reasons_1_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 1538
last-modified: Wed, 18 Nov 2020 04:57:36 GMT
etag: "5fb4a9c0-602"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_2_green-1.svg
104.199.174.226200 OK 858 B URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_2_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (858), with no line terminators
Hash 3e21a244d96816b38343c67d82fb4f05
8730cb83c944f17647a8b321e1fd78268a83b640
b6d362c23e82b593bf038cfe55f5c85d0535e15b9fc9db8aa9712bafe5e684b4
GET /wp-content/uploads/2020/11/i-reasons_2_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 858
last-modified: Wed, 18 Nov 2020 04:59:00 GMT
etag: "5fb4aa14-35a"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_3_green-1.svg
104.199.174.226200 OK 1.1 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_3_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash 97c4eccaa4ac732f2e2e4a6757b1bb49
13c0a3eaa54ab982be99f035568dc0572744ea5e
c0e3cfe56af7487638e4176f22570735247bbff9c3df9926838a4d3904dcfb66
GET /wp-content/uploads/2020/11/i-reasons_3_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/svg+xml
content-length: 1086
last-modified: Wed, 18 Nov 2020 05:03:00 GMT
etag: "5fb4ab04-43e"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/lang-ua-1.png
104.199.174.226200 OK 1.0 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/lang-ua-1.png
IP 104.199.174.226:0
File type PNG image data, 23 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 61eba36d5fbe21c9939b634db02f4b10
d3b0b827db9985a26e5cef52054f646d188823bb
18c656b087026e2bda87dcd6ab2a0f28f652b2f6f717c8bc9e687ca77d578f13
GET /wp-content/uploads/2020/11/lang-ua-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1004
last-modified: Wed, 18 Nov 2020 12:08:37 GMT
etag: "5fb50ec5-3ec"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/lang-kz-1.png
104.199.174.226200 OK 1.2 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/lang-kz-1.png
IP 104.199.174.226:0
File type PNG image data, 23 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash a1f8ce07c5b258bcf9d3f87e97839e6a
d2dcb47e913c81a21c63e06afcf1a667c0abfa68
397e11f6a23a9ecdf1f857a1cf5ff5c50a16419b4d305710e8413facaaaf7653
GET /wp-content/uploads/2020/11/lang-kz-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1210
last-modified: Wed, 18 Nov 2020 12:09:16 GMT
etag: "5fb50eec-4ba"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/spain.png
104.199.174.226200 OK 1.7 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/spain.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash cd76bc84baf38cb0522e0a4d2963ea41
c03cc37291a5366cd84bbdb12951f1f9cf5d966f
3f29a545d56e5439a36ca91838c9e098a8cc3b362b2cbf8520dfa50055da69ac
GET /wp-content/uploads/2020/11/spain.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1701
last-modified: Wed, 18 Nov 2020 12:10:10 GMT
etag: "5fb50f22-6a5"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/argentina.png
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/argentina.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a57d03724b59d3ff7d901b20dd7be330
8320d08ef5f38275b1412d43bc67a7bf668a4250
afa283c3e80121f370cb92a0cc51a2ffca80ab2415c143582b5ec7d24696c199
GET /wp-content/uploads/2020/11/argentina.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1462
last-modified: Wed, 18 Nov 2020 12:10:56 GMT
etag: "5fb50f50-5b6"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/mexica.png
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/mexica.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 2d8d8375b7c8d0f8beb201510102191c
35135479a0f29b69742a877868371f497c7aa645
0b58413e8d4bd344766906b69ea9f2f410ac489dcbc80fa289af194a2f7f39d7
GET /wp-content/uploads/2020/11/mexica.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1472
last-modified: Wed, 18 Nov 2020 12:11:50 GMT
etag: "5fb50f86-5c0"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/columbia.png
104.199.174.226200 OK 1.1 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/columbia.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash f772afdd01bc7592150ebfac13889633
801eba7697305e448173884bc5c1b6106de28963
2aa27cf79d861f2f609fc1121f34deb26370e212905d12fcef5eacc824cf04f8
GET /wp-content/uploads/2020/11/columbia.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: image/png
content-length: 1080
last-modified: Wed, 18 Nov 2020 12:12:34 GMT
etag: "5fb50fb2-438"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBODDOBC77U6QAIGNJRG&lib=ttq
23.36.79.32200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBODDOBC77U6QAIGNJRG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2657)
Hash 1dbe87bfc45a26a8bc6e8be10ca0f795
d149c89c624b9f8efe36d150e0c3ecee36d1afb2
d87fab13deb0a829c6bea891399cd5c49d1a22bb09024fae0ce7c24fe48a18e1
GET /i18n/pixel/events.js?sdkid=CBODDOBC77U6QAIGNJRG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230115075740C2A4AF505F8716987BA6
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17f8ba5a9bab7bc1973952f95c3aba6c685d126eb6cd9da3d423d329fb8138b0b09180b18001e27bcd60c882cd67495c087117e2318bcf74373209254fa39183d6ee1bfbc2ce70984ef318084ce6bd6afb
content-encoding: gzip
content-length: 1310
x-origin-response-time: 6,104.96.220.52
x-akamai-request-id: 43d18bc.2929b428
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KM16KWH0FSmtIYcU2jQbECzIjm; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=6, inner; dur=3
x-parent-response-time: 107,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CD9AIL3C77U0N3GBVMHG&lib=ttq
23.36.79.32200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CD9AIL3C77U0N3GBVMHG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2654)
Hash 6242c157a09632541e60a07fde5bc047
f2f7eeb0e8c43fdc9ea20e61a6d8cde19c7e4668
6b2718fe98fb992ce2f38776d0ffbf622eda7c52a6fd9a5f797e82acfafc7063
GET /i18n/pixel/events.js?sdkid=CD9AIL3C77U0N3GBVMHG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202301150757407BEA081569A8BC10EFB2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebd8b3f0fccf145bbb0d905d2f37963d114dacfa612ddf86295d9f91bc97230676dd7367480dd6ebba66693f0f03e254f70d5c158feb5634efb19f7b5e0be2b0068c0f965d75689d11d8441efe7e02eab0
content-encoding: gzip
content-length: 1308
x-origin-response-time: 6,23.218.223.22
x-akamai-request-id: 15b69ee8.2929b429
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KM16FSwkMYH69PXd4yax04GjEN; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-22.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-parent-response-time: 105,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBKHGRC77U7LPPFJE90&lib=ttq
23.36.79.32200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBKHGRC77U7LPPFJE90&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2654)
Hash dc00da08b9d4f2ac2fa26dc46a4428f3
03644d4d8e314b98826cb4a78259922ac6ae00a9
e584ef97ae7b10cfddfa7228cdf8a3d60fa2665254f19fdfaeddcbfbd894ede6
GET /i18n/pixel/events.js?sdkid=CCBKHGRC77U7LPPFJE90&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202301150757402BE8CDFBABC5C534089C
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17f8ba5a9bab7bc1973952f95c3aba6c689d853bb587cb85a0c6f965a2164a3a452d857ae86db8839cf77d96556b1e9a1ac7f47619d577d9c58a5a6e04ee1b9e8b9ae66813714d3335d4185f153ec085ff
content-encoding: gzip
content-length: 1309
x-origin-response-time: 6,104.96.220.52
x-akamai-request-id: 43d18c1.2929b423
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KM16DPyJnPS35QGEPntiOQtLBq; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=6, inner; dur=3
x-parent-response-time: 116,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBK8KJC77U03NFK8T40&lib=ttq
23.36.79.32200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBK8KJC77U03NFK8T40&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2655)
Hash c27e9a5874c838a320eb6e8fc9cbcd73
36b5f2841dbb6b722c79f837840abcdb06a906b3
408e4dbc51cd46c01adb0c163f4749777a39d00ca0adf462f8443eea3957ad0a
GET /i18n/pixel/events.js?sdkid=CCBK8KJC77U03NFK8T40&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230115075740D6F8987CC23AE612C48F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb86143da50443cf93f7e3a1fdded256a085e655551e976ed29d4300d7e36b583c87a6b928ace0fa1d3717ba37c27d8d5b82fa2ffd3fc3828a79ce9bdc267c5ed0351993be6a3771c08ee210e696032875
content-encoding: gzip
content-length: 1309
x-origin-response-time: 6,23.218.223.23
x-akamai-request-id: a9abc15.2929b431
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=6, inner; dur=3
x-parent-response-time: 109,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
23.36.79.32200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 09e9bdc02bd94387901641c0b3a1f8f0
7bf30498ae27e11f7fc60b438b090f15b67ca113
d8f79f755ae4e42d98623589e5e6420342ce199553a3b7b7713caaaec65117e9
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16DPyJnPS35QGEPntiOQtLBq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023011217582238FCAA3D419588756972
x-tt-trace-host: 01e57b2566233939c0b7a614d728f3c137bda4b6e8ffed077a25e96861feda11fa551f058721a274fc4605886b55ca626730a56b385a942b4129028dfc561d0b618d751524aad0a4ae27ef533e55d2e8e40a3ad2aaa7ba995375ace641e8e6ae3a
content-encoding: gzip
date: Sun, 15 Jan 2023 07:57:40 GMT
content-length: 68605
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 2929b4ab
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/main-bg-1.jpg
104.199.174.226200 OK 78 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/main-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1059, components 3\012- data
Hash 63e47dec6ec30bbb7b60fdd2f7a4a072
a5a83dbf7cd9ff7702b6a917857df5c34357dabd
efedacc636328d2abf34a81397bd7479678c36c4fd81d561b7bd1874d4d2a394
GET /wp-content/uploads/2020/11/main-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Cookie: _gcl_au=1.1.2125327925.1673769460; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:40 GMT
content-type: image/jpeg
content-length: 78316
last-modified: Wed, 18 Nov 2020 04:43:58 GMT
etag: "5fb4a68e-131ec"
expires: Mon, 15 Jan 2024 07:57:40 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/reasons-bg-1.jpg
104.199.174.226200 OK 26 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/reasons-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1059, components 3\012- data
Hash 02e092c5f202def3e9eac031f95eb48c
3b4237e861aa593c0ee3aa82fbf8e4288cdf5d20
f09ef1cc5d6a8adf77b56ca0eaecabf79f203c54adc4b819dfcb80da9b3f66c1
GET /wp-content/uploads/2020/11/reasons-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Cookie: _gcl_au=1.1.2125327925.1673769460; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:40 GMT
content-type: image/jpeg
content-length: 25669
last-modified: Wed, 18 Nov 2020 04:56:01 GMT
etag: "5fb4a961-6445"
expires: Mon, 15 Jan 2024 07:57:40 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/p-testimonials-1.png
104.199.174.226200 OK 44 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/p-testimonials-1.png
IP 104.199.174.226:0
File type PNG image data, 515 x 515, 4-bit colormap, non-interlaced\012- data
Hash 5129082012a1cdc5ece89f3e6188f836
20d34ebc2acd372d68666fa593734f6ddaaa0dc7
787a65143a1dce74ed95f22008c82c03c5a85ad6f70ab2383b1911adacbb4f58
GET /wp-content/uploads/2020/11/p-testimonials-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Cookie: _gcl_au=1.1.2125327925.1673769460; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:40 GMT
content-type: image/png
content-length: 44384
last-modified: Wed, 18 Nov 2020 05:04:04 GMT
etag: "5fb4ab44-ad60"
expires: Mon, 15 Jan 2024 07:57:40 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/cta-bg-1.jpg
104.199.174.226200 OK 46 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/cta-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x769, components 3\012- data
Hash 2aecb34c19abfc82857e24a295304c34
be5c553d479b94d326d289586a059d2c44cd2927
172e470842d47668241da11a8e495b5fa3e5a3cb4c62b8cc9b794b3f52d3828b
GET /wp-content/uploads/2020/11/cta-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Cookie: _gcl_au=1.1.2125327925.1673769460; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:40 GMT
content-type: image/jpeg
content-length: 46358
last-modified: Wed, 18 Nov 2020 05:58:11 GMT
etag: "5fb4b7f3-b516"
expires: Mon, 15 Jan 2024 07:57:40 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Sun, 15 Jan 2023 07:57:40 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 2929b555
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6222
Cache-Control: max-age=136352
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Etag: "63c30b46-1d7"
Expires: Mon, 16 Jan 2023 21:50:12 GMT
Last-Modified: Sat, 14 Jan 2023 20:06:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 15 Jan 2023 06:21:54 GMT
expires: Sun, 15 Jan 2023 08:21:54 GMT
cache-control: public, max-age=7200
age: 5746
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gtimJHCVeJKqBawzgmhf5eJmiT8lcATu+St7wW+XnRVEukXeAvS6iVSrcQfymo3VoUrzSdDlbQqU/3b5PBONNQ==
content-length: 27815
x-fb-trip-id: 1904183273
date: Sun, 15 Jan 2023 07:57:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6222
Cache-Control: max-age=136352
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Etag: "63c30b46-1d7"
Expires: Mon, 16 Jan 2023 21:50:12 GMT
Last-Modified: Sat, 14 Jan 2023 20:06:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash e9944388c36608f43b52d8707524ed19
8324a330559b0e126ba0a54f036188bb6f0e7d00
5ed85a7578364717855149114720323faf9708d838e1b9a50c71e17a4776fafc
GET /pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Jan 2023 07:57:40 GMT
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17166051519266998019
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 868
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023011507574031FE89B800BE5412F25A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17d1a2ae18ab618cd3eadb8d92a3e3779f16ec05d34dcbfd3fe823a37148d8e9f4cff38420a65a003f9eea7282de8fd84bd0e8b903eeb59cd0dca523f84ee4bf64789d8fe799257597bc819b6ffe55939b
x-origin-response-time: 19,104.96.220.87
x-akamai-request-id: 1d46658c.2929b573
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=19, inner; dur=15
x-parent-response-time: 119,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 868
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301150757407F8F7AC716540A81C83B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17d1a2ae18ab618cd3eadb8d92a3e3779fbbab93ac73f339b07577e2e7cb6187dd8c8c035eb8d29bba8fc632fd23af0561c97f0208ec4028336dace6f9e1ef1d8861cf580f5de6d3974943d81745990a42
x-origin-response-time: 24,104.96.220.87
x-akamai-request-id: 1d46659c.2929b571
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=24, inner; dur=21
x-parent-response-time: 125,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 868
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230115075740EC7A92AF306D8105B6F9
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17aa686e79813a11ab167aef45aa4434dd08d1068767d59962cebedb7ccd40d0dcad14e74bb87a7529615476ba352f82d948e1d9782a0a58231fe1a0701e9047850ece55b322d9e192f43d0b6512ed41a0
x-origin-response-time: 17,104.96.220.13
x-akamai-request-id: 6632beb.2929b579
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=17, inner; dur=14
x-parent-response-time: 117,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 868
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Cookie: _ttp=2KM16IjS1eyoTWOHE5LRKhsLzSO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230115075740CF3274C9D21355AEACA6
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17aa686e79813a11ab167aef45aa4434dd6c15995b974586033138c433b7eb963080a001b237c7da5f3c043aced907474d01f36050b8f528e10fd2c3e4d7743881db20f8be48496ac7da44737f6d8013d8
x-origin-response-time: 20,104.96.220.13
x-akamai-request-id: 6632c0f.2929b578
expires: Sun, 15 Jan 2023 07:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 07:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=20, inner; dur=15
x-parent-response-time: 122,23.36.79.28
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4dc72ba06ace9ad5795c9de974b66afa
d56fbd77e052b69ce1eaf5e43d24596d162c45fa
f8986ca3bd2b5c850b42dc287b7ea42b02eb8dee4943344ade7a03946d6f7325
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 07:57:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/790050544/?random=1673769460215&cv=11&fst=1673766000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028097823&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 07:57:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1491519565.1673769461&jid=487032502&gjid=920250405&_gid=643610316.1673769461&_u=YEBAAEAAAAAAACAEK~&z=2132422482
173.194.222.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1491519565.1673769461&jid=487032502&gjid=920250405&_gid=643610316.1673769461&_u=YEBAAEAAAAAAACAEK~&z=2132422482
IP 173.194.222.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1491519565.1673769461&jid=487032502&gjid=920250405&_gid=643610316.1673769461&_u=YEBAAEAAAAAAACAEK~&z=2132422482 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://crezu.ph
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 15 Jan 2023 07:57:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&rl=&if=false&ts=1673769461459&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673769461456.1659401625&it=1673769461237&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&rl=&if=false&ts=1673769461459&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673769461456.1659401625&it=1673769461237&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c&rl=&if=false&ts=1673769461459&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673769461456.1659401625&it=1673769461237&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Jan 2023 07:57:41 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=crezu.ph
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=crezu.ph
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.ph HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 07:57:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1
216.58.207.194200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (383), with no line terminators
Hash 8b6cd322bcf8120e57b3e7802923a8f1
77823ce45815754264bdf3dccad59098e086149c
f5ce06e14582be5d313b8488196e1d3a88920fb3744ffad8e9e0282307e563b8
GET /gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 07:57:41 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=crezu.ph
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=crezu.ph
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.ph HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 07:57:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
142.250.74.3200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
IP 142.250.74.3:0
File type ASCII text, with very long lines (2630)
Hash 07d9fc34dd6c802cd322fbf6610fd6e6
2ae9051b3d1d380e364c287f4d40dbd7dc3ac776
1ae14752e0fd53b7eab881df1cfeae4ac5c7279b2a7988e6502c9e33841bfdff
GET /mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:00 GMT
expires: Tue, 11 Apr 2023 01:56:00 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 367301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
142.250.74.3200 OK 4.5 kB URL HTTP/2 www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
IP 142.250.74.3:0
File type C++ source, ASCII text, with very long lines (1812)
Hash 27a508710464f863df3ded1a2fe0d268
3cc34753fe3e8a093f3041a40d10c2287f02d87b
22faed1b7b02490bc8c70376d433791bd078cdefa93895c6bbb54d797b5a0cc0
GET /mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:35 GMT
expires: Tue, 11 Apr 2023 01:56:35 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 367266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
172.217.21.161200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Sat, 14 Jan 2023 19:08:53 GMT
expires: Sat, 28 Jan 2023 19:08:53 GMT
cache-control: public, max-age=1209600
age: 46128
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Sat, 14 Jan 2023 19:13:19 GMT
expires: Sat, 28 Jan 2023 19:13:19 GMT
cache-control: public, max-age=1209600
age: 45862
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.106200 OK 15 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.106:0
File type ASCII text, with very long lines (1715)
Hash 6d8ce27e1f6b09d3fa84303552a695bd
ff43f677164149997ec5db38b8e4df2af7e1b2be
0e79577629146e75a6b25bd3186ba965a4ca94192ad57e28016e41948792ec78
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 07:57:41 GMT
date: Sun, 15 Jan 2023 07:57:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 15:21:36 GMT
expires: Thu, 11 Jan 2024 15:21:36 GMT
cache-control: public, max-age=31536000
age: 318965
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
142.250.74.162200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (36069)
Hash f39072f78771cb7df1b9755f5a8b038d
c1837bc15137dd0527b68dcd178ab8331021ec08
81b62b3f30b05986d35f5bc3b4c0ce138d7b29edefb96993dd3f39bbedee0450
GET /bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 13:18:34 GMT
expires: Sun, 14 Jan 2024 13:18:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
content-type: text/javascript
age: 67148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14570), with no line terminators
Hash f029cbfd109dbb06ecfab706f6679ad9
1e10dfee49c30381fd6ffa695ac0fd8ff4867636
18ce696c7a66213bf6e44638901b9b1e12b1b809ab342f64efe4df9797f0c644
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 15 Jan 2023 07:57:42 GMT
server: cafe
content-length: 10997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=4491285658201556&rc=
142.250.74.162204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=4491285658201556&rc=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=4491285658201556&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 15 Jan 2023 07:57:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=4491285658201556&bg=!VFelVxPNAAYDMoyoIzI7ACkAdvg8WnQHTCZ5icQ7WGxFv7U7JamT-zsY5q9VdGCklsmlYvodwLb5GAIAAACMUgAAAAloAQcKABQmiGnPfvVIgYmHdsAUExocGk704JkCfUbYC6Y40-6YwW-dQ8sWKyMU0mn0vDPvhQQi0BmURNs3-YWNTTV3J6pxpLt_r5wO-Y6-lARuVeRRepbW89ZPKOkl-O78suJ1__JKVBmmCQkUju8fmrW2bqfo29Qt7JMG15hCVIu7cOTJM4n016BZh5Ym5JZzswenv3vZ06ih1xDVdt4YXui6pPrxCbSuzDX8oc0FNCg-PQ1irV5Twr6WI20ihKHeYfUkdJKSUS5gzZKr5byJlgRz1OqYXe-noW-EyFdz-cLbEZXUCBVQXdlAbRTC-tjbskNsjrXUZnk0zrOgM5O5Ra8ykX1d9ZnQ7r9D1XQDpLghphTxJX5uLRHf8LbRz7k3oNLzXBI5dgxu2vWcS8Xsu0RgDczDafETOMhQ6N2nzSvSt38I4ek9XwMbBZAK45qbJWaRKhtflHieoYcTCYGYb6YHJOqs5T8NlxD6Yb-xKrFGBRJm1U0l8FqigNmkcDBvhEmHF1uYfQ5OsA4OZ58Ng2wJwCNcnJ2ufvdnafqcm_KX1dHpB-PsaewCbgHnDbEa0GKHtuschQFsXGcirUEwVjJrYpgIqvWzNCZoTffUyAjvLxvmhLfN6JrK99qUXSLxV3g3fj5gtQHBS19DXNf7PNi-on--D2D24gKwUL-xT4PMqsVb_rXBdxO3CgxTidgGK9-TaPPmaaj2dfbvFHMLJo7Bi_uzIhBU32qah6PMNUYYOZOXwUkBWfQvLnXIajmf_QhFkf7MQx0QlylOWaHUmQFzUYxoj6dTIEuDiMMhMvKFxrDu9EgR1y1frlyFTXqWbtX9ufEiWVF2WNkrawJsQrWX85Gx5DSpFEOxspuWdBnnCF8hMdlhNuc
142.250.74.162204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=4491285658201556&bg=!VFelVxPNAAYDMoyoIzI7ACkAdvg8WnQHTCZ5icQ7WGxFv7U7JamT-zsY5q9VdGCklsmlYvodwLb5GAIAAACMUgAAAAloAQcKABQmiGnPfvVIgYmHdsAUExocGk704JkCfUbYC6Y40-6YwW-dQ8sWKyMU0mn0vDPvhQQi0BmURNs3-YWNTTV3J6pxpLt_r5wO-Y6-lARuVeRRepbW89ZPKOkl-O78suJ1__JKVBmmCQkUju8fmrW2bqfo29Qt7JMG15hCVIu7cOTJM4n016BZh5Ym5JZzswenv3vZ06ih1xDVdt4YXui6pPrxCbSuzDX8oc0FNCg-PQ1irV5Twr6WI20ihKHeYfUkdJKSUS5gzZKr5byJlgRz1OqYXe-noW-EyFdz-cLbEZXUCBVQXdlAbRTC-tjbskNsjrXUZnk0zrOgM5O5Ra8ykX1d9ZnQ7r9D1XQDpLghphTxJX5uLRHf8LbRz7k3oNLzXBI5dgxu2vWcS8Xsu0RgDczDafETOMhQ6N2nzSvSt38I4ek9XwMbBZAK45qbJWaRKhtflHieoYcTCYGYb6YHJOqs5T8NlxD6Yb-xKrFGBRJm1U0l8FqigNmkcDBvhEmHF1uYfQ5OsA4OZ58Ng2wJwCNcnJ2ufvdnafqcm_KX1dHpB-PsaewCbgHnDbEa0GKHtuschQFsXGcirUEwVjJrYpgIqvWzNCZoTffUyAjvLxvmhLfN6JrK99qUXSLxV3g3fj5gtQHBS19DXNf7PNi-on--D2D24gKwUL-xT4PMqsVb_rXBdxO3CgxTidgGK9-TaPPmaaj2dfbvFHMLJo7Bi_uzIhBU32qah6PMNUYYOZOXwUkBWfQvLnXIajmf_QhFkf7MQx0QlylOWaHUmQFzUYxoj6dTIEuDiMMhMvKFxrDu9EgR1y1frlyFTXqWbtX9ufEiWVF2WNkrawJsQrWX85Gx5DSpFEOxspuWdBnnCF8hMdlhNuc
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=4491285658201556&bg=!VFelVxPNAAYDMoyoIzI7ACkAdvg8WnQHTCZ5icQ7WGxFv7U7JamT-zsY5q9VdGCklsmlYvodwLb5GAIAAACMUgAAAAloAQcKABQmiGnPfvVIgYmHdsAUExocGk704JkCfUbYC6Y40-6YwW-dQ8sWKyMU0mn0vDPvhQQi0BmURNs3-YWNTTV3J6pxpLt_r5wO-Y6-lARuVeRRepbW89ZPKOkl-O78suJ1__JKVBmmCQkUju8fmrW2bqfo29Qt7JMG15hCVIu7cOTJM4n016BZh5Ym5JZzswenv3vZ06ih1xDVdt4YXui6pPrxCbSuzDX8oc0FNCg-PQ1irV5Twr6WI20ihKHeYfUkdJKSUS5gzZKr5byJlgRz1OqYXe-noW-EyFdz-cLbEZXUCBVQXdlAbRTC-tjbskNsjrXUZnk0zrOgM5O5Ra8ykX1d9ZnQ7r9D1XQDpLghphTxJX5uLRHf8LbRz7k3oNLzXBI5dgxu2vWcS8Xsu0RgDczDafETOMhQ6N2nzSvSt38I4ek9XwMbBZAK45qbJWaRKhtflHieoYcTCYGYb6YHJOqs5T8NlxD6Yb-xKrFGBRJm1U0l8FqigNmkcDBvhEmHF1uYfQ5OsA4OZ58Ng2wJwCNcnJ2ufvdnafqcm_KX1dHpB-PsaewCbgHnDbEa0GKHtuschQFsXGcirUEwVjJrYpgIqvWzNCZoTffUyAjvLxvmhLfN6JrK99qUXSLxV3g3fj5gtQHBS19DXNf7PNi-on--D2D24gKwUL-xT4PMqsVb_rXBdxO3CgxTidgGK9-TaPPmaaj2dfbvFHMLJo7Bi_uzIhBU32qah6PMNUYYOZOXwUkBWfQvLnXIajmf_QhFkf7MQx0QlylOWaHUmQFzUYxoj6dTIEuDiMMhMvKFxrDu9EgR1y1frlyFTXqWbtX9ufEiWVF2WNkrawJsQrWX85Gx5DSpFEOxspuWdBnnCF8hMdlhNuc HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 15 Jan 2023 07:57:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 27 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 586c1dbe355ba841e0c999a8a1114abc
20aeaa50f570735b88bd1c34d7779e0693bbdac7
369a16dc496d4ee3eae8a024c32362d747ab7a567c31567be99302ee6e727395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4473
Cache-Control: max-age=135318
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:43 GMT
Etag: "63c30e14-117"
Expires: Mon, 16 Jan 2023 21:33:01 GMT
Last-Modified: Sat, 14 Jan 2023 20:18:28 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b906bc7d9ae14aea297c922bc202333
ce5ba55add1045d4f1772ee921cf705598ebfc49
bc7ad79d6003f93018fe1f5cd4390f8af3c1eb899c58b2421cda0d53a5ed3fc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC7AD79D6003F93018FE1F5CD4390F8AF3C1EB899C58B2421CDA0D53A5ED3FC9"
Last-Modified: Fri, 13 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4230
Expires: Sun, 15 Jan 2023 09:08:13 GMT
Date: Sun, 15 Jan 2023 07:57:43 GMT
Connection: keep-alive
events.crezu.net/api/event
35.240.92.105204 No Content 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crezu.ph/
Origin: https://crezu.ph
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Jan 2023 07:57:43 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
events.crezu.net/api/event
35.240.92.105201 Created 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.ph/
Content-Type: application/json
Origin: https://crezu.ph
Content-Length: 246
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 15 Jan 2023 07:57:43 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4d8b0c309c13144b0e105137133778b
f95544003778c87b48bae364474eff9c63722daa
88055eb913ebd9fbf0105eeadc69bb30bac68c9b76f830bbdea810c1db1229fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4473
Cache-Control: max-age=135318
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 07:57:43 GMT
Etag: "63c30e14-117"
Expires: Mon, 16 Jan 2023 21:33:01 GMT
Last-Modified: Sat, 14 Jan 2023 20:18:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
clicfin.com/?gp=1
104.21.39.23200 OK 1.6 kB IP 104.21.39.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (386)
Hash 390b36f4eb3edec03ea22e691809e0f6
2ae1c56cc5fb64a7bcf9fe273a93c0ddc04eeb0c
d6a60736ae4c3e01ba58dbcad5850d3bae7f0642ca492adf762f72ba1e05cbb3
GET /?gp=1 HTTP/1.1
Host: clicfin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 07:57:43 GMT
content-type: text/html
last-modified: Mon, 02 Aug 2021 09:33:17 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjTkb791jDMIJTOvLaGpjcCS8HjkQyYhAAp2K3C%2FWY%2BXw%2F%2BO6YIcv3CCc6VVBeSbPWCVNq3pedio9WuTaBNnSJj3D7wN2Zr1hvquR66u0wvETJASOuIf%2FrVnKeDycg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789d0fea09e21c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=548216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0ff04ccfb527-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=548216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0ff04b12b517-OSL
cdn.morecashpls.com/landings/img/i-push-close.svg
34.107.249.96200 OK 639 B URL HTTP/2 cdn.morecashpls.com/landings/img/i-push-close.svg
IP 34.107.249.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a942d9fd63a2eebe28676f7c9c463596
06cb2b6fbc48a08c06dd5396b647e7d64d2d0c46
5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f
GET /landings/img/i-push-close.svg HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
content-length: 639
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
date: Fri, 13 Jan 2023 06:12:31 GMT
expires: Fri, 20 Jan 2023 06:12:31 GMT
cache-control: max-age=604800,public
age: 179113
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
etag: "5e4d5e4b-27f"
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.morecashpls.com/landings/img/img-push-arrow.png
34.107.249.96200 OK 21 kB URL HTTP/2 cdn.morecashpls.com/landings/img/img-push-arrow.png
IP 34.107.249.96:0
File type PNG image data, 680 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash bf9cb4b97700e1d2e3f7e9ce7bd575ff
ce87fbfff8bea8017a94fe748e3fadcd930457e3
194d53b4483d0fc25f7ccf7f5431893376d633324170f6366d4de0eb102fe25e
GET /landings/img/img-push-arrow.png HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
content-length: 20616
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
date: Fri, 13 Jan 2023 22:15:09 GMT
expires: Fri, 20 Jan 2023 22:15:09 GMT
cache-control: max-age=604800,public
age: 121355
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
etag: "5e4d5e4b-5088"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.morecashpls.com/landings/img/i-push-01.svg
34.107.249.96200 OK 7.6 kB URL HTTP/2 cdn.morecashpls.com/landings/img/i-push-01.svg
IP 34.107.249.96:0
Hash 09795302302a2e5ef2820ee4fcbe9ac1
1b8f0bb6e0027cb10bfae8edebaf30c9dc6bc9d0
c9007260966284b7cd2cb6330785ab3a1bce08edd53c28912d2dbe2112a4739f
GET /landings/img/i-push-01.svg HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
content-length: 1391
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
date: Fri, 13 Jan 2023 20:40:33 GMT
expires: Fri, 20 Jan 2023 20:40:33 GMT
cache-control: max-age=604800,public
age: 127031
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
etag: "5e4d5e4b-56f"
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=548216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0ff0dd51b4f4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=548216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0ff04f2eb523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 07:57:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=548216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d0ff04f90b50f-OSL
crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
104.199.174.226200 OK 0 B URL HTTP/2 crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
IP 104.199.174.226:0
GET /?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://crezu.ph/>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.ph/wp-includes/js/jquery/jquery.min.js
104.199.174.226200 OK 0 B URL HTTP/2 crezu.ph/wp-includes/js/jquery/jquery.min.js
IP 104.199.174.226:0
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: application/javascript
last-modified: Fri, 22 Oct 2021 04:41:02 GMT
vary: Accept-Encoding
etag: W/"617240de-15db1"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.ph/wp-includes/js/jquery/jquery-migrate.min.js
104.199.174.226200 OK 0 B URL HTTP/2 crezu.ph/wp-includes/js/jquery/jquery-migrate.min.js
IP 104.199.174.226:0
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:39 GMT
content-type: application/javascript
last-modified: Fri, 22 Oct 2021 04:41:02 GMT
vary: Accept-Encoding
etag: W/"617240de-2bd8"
expires: Mon, 15 Jan 2024 07:57:39 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/12/favicon.ico
104.199.174.226200 OK 0 B URL HTTP/2 crezu.ph/wp-content/uploads/2020/12/favicon.ico
IP 104.199.174.226:0
GET /wp-content/uploads/2020/12/favicon.ico HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c3b1f19353aa0001be707c
Cookie: _gcl_au=1.1.2125327925.1673769460; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-15%2007%3A57%3A40%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c3b1f19353aa0001be707c%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c3b1f19353aa0001be707c; rsns_cnt_1=800070; rsns_cnt_2=732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 07:57:40 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sun, 06 Dec 2020 19:42:04 GMT
etag: "5fcd340c-47e"
expires: Mon, 15 Jan 2024 07:57:40 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2