thraindettery.com/cd145c76-9954-4467-b63f-61105ece8a5e/2
35.157.49.161302 0 B URL HTTP/1.1 thraindettery.com/cd145c76-9954-4467-b63f-61105ece8a5e/2
IP 35.157.49.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cd145c76-9954-4467-b63f-61105ece8a5e/2 HTTP/1.1
Host: thraindettery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Mon, 16 Jan 2023 13:11:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_w8d7832ac5be0luli8unsnes&sub2=v
Pragma: no-cache
Set-Cookie: cd145c76-9954-4467-b63f-61105ece8a5e-v4=4pKYxE1zH-r8qREuuE6ciwogk7UJWi4jakD4C2h2Bs4; Max-Age=86400; Expires=Tue, 17-Jan-2023 13:11:20 GMT; Domain=thraindettery.com; Path=/; HttpOnly
cc-v4=5Fxvn1zDIvAY7Z5dblJzrdPgJIWCfNfe40ofYr9Ps28pGJTtMm19Fa1CHx7YsCkl%2Bsa0hAXTzw4l1cjuw9lZi3%2Bzc0Lacbj6Nt%2FHcucOGG8VkTo2EtNtqY7P09uL4yDivwWBmnDtOIAxpIwshI%2B3bw%3D%3D; Max-Age=31536000; Expires=Tue, 16-Jan-2024 13:11:20 GMT; Domain=thraindettery.com; Path=/; HttpOnly
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19504
Expires: Mon, 16 Jan 2023 18:36:24 GMT
Date: Mon, 16 Jan 2023 13:11:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11971
Expires: Mon, 16 Jan 2023 16:30:51 GMT
Date: Mon, 16 Jan 2023 13:11:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 12:42:09 GMT
content-type: application/json
age: 1752
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18849
Expires: Mon, 16 Jan 2023 18:25:30 GMT
Date: Mon, 16 Jan 2023 13:11:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sVjT8Ftf/2K2pD4M3JMlVkYsKQeBAIYHA4PFrXexX2ajpyCrWDS02YQywJGKMXHIj2CwVhjmPyE=
x-amz-request-id: Y6RM7MB8A40DHACT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 12:55:49 GMT
age: 932
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1d56ad0623560a80157a03f8617a0206
a99fff59ff80028d7fc898988155bb5c3d86ca39
b6e336e802191b6c437b38bc12c7911c033f3edfd36c7e674092ab7c853d087d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 04:22:28 GMT
Expires: Mon, 23 Jan 2023 04:22:27 GMT
Etag: "a99fff59ff80028d7fc898988155bb5c3d86ca39"
Cache-Control: max-age=572465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718b6ae4fb51d-OSL
track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_w8d7832ac5be0luli8unsnes&sub2=v
34.90.63.227302 Found 0 B URL HTTP/2 track.leadbazaar.co/click?pid=4&offer_id=75&sub1=_v_w8d7832ac5be0luli8unsnes&sub2=v
IP 34.90.63.227:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=4&offer_id=75&sub1=_v_w8d7832ac5be0luli8unsnes&sub2=v HTTP/1.1
Host: track.leadbazaar.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Mon, 16 Jan 2023 13:11:21 GMT
content-length: 0
location: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63c54cf9c5c3ad0001c43d01; expires=Tue, 16 Jan 2024 13:11:21 GMT; secure; SameSite=None
afoffers={"75":1673874681}; expires=Tue, 16 Jan 2024 13:11:21 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 12:33:46 GMT
age: 2255
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6322
Cache-Control: max-age=164454
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:21 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:52:15 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.166.158.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.158.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fhXIRwFHl1kt6md1FlwRmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZEGdlzwKQn/TebWQeoLCUyYoKo8=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bfc2fe729e98b2a710e1e8eb36ced798
29339d10b3961ef8492751e2dc344ed1b5c3d7a4
d00d48497d9b17fa873212ee813c1d8dd61925abc1b7ba65b55b99595bae88bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 03:23:01 GMT
Expires: Mon, 23 Jan 2023 03:23:00 GMT
Etag: "29339d10b3961ef8492751e2dc344ed1b5c3d7a4"
Cache-Control: max-age=568897,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718bb5bcfb51d-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W3J6MDZ
142.250.74.40200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W3J6MDZ
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (13773)
Hash 6d46bac102e2e939eb52093607336d53
493d9774908d328f206bbf48d8c7572b1b3291d6
30c6a16885e4d49c344017c81b90740a22476f69861be50054fefa4e68a5beba
GET /gtm.js?id=GTM-W3J6MDZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 13:11:23 GMT
expires: Mon, 16 Jan 2023 13:11:23 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 12:13:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c218f20b49-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c2197d0b41-OSL
cdn.crezu.net/wp_js/dist/page-index.js
35.201.76.189200 OK 78 kB URL HTTP/2 cdn.crezu.net/wp_js/dist/page-index.js
IP 35.201.76.189:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65324), with no line terminators
Hash dd060bd2bd17c172963df9ea92ffbc8e
2a55d9b9cf66f4afca375cfe16d77844a37f753a
5106b68bf4378c79fd13701af8ff7b8326845678441049f9cd32f18fe4341f3f
GET /wp_js/dist/page-index.js HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 77517
date: Mon, 16 Jan 2023 11:57:31 GMT
expires: Mon, 23 Jan 2023 11:57:31 GMT
cache-control: max-age=604800,public
age: 4432
last-modified: Wed, 11 Jan 2023 11:32:02 GMT
etag: W/"63be9e32-3dc96"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.crezu.net/wp_js/dist/common.js
35.201.76.189200 OK 49 kB URL HTTP/2 cdn.crezu.net/wp_js/dist/common.js
IP 35.201.76.189:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65324), with no line terminators
Hash 9825b8b6a336ccf1ae4ec36309be0f27
062092881f74bffffffc167e11559423b574d6e6
29368b74b236c92ed1e92f274945385e3d97c6c9f81a3537d362b6afd68cf881
GET /wp_js/dist/common.js HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
date: Mon, 16 Jan 2023 11:56:36 GMT
expires: Mon, 23 Jan 2023 11:56:36 GMT
cache-control: max-age=604800,public
last-modified: Wed, 04 Jan 2023 15:00:28 GMT
etag: W/"63b5948c-23e60"
content-type: application/javascript
content-length: 48774
age: 4487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c2e9c20b49-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5368
Expires: Mon, 16 Jan 2023 14:40:51 GMT
Date: Mon, 16 Jan 2023 13:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5368
Expires: Mon, 16 Jan 2023 14:40:51 GMT
Date: Mon, 16 Jan 2023 13:11:23 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c21884b521-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 55094
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c21e1eb51d-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad1a79b09348c4959a8ac05513efcb78
10c0a66add63c868ff332022f588e65f4ac1ec15
8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pfjURj_jUMCbuxIL46hNNw6BeY4YX4TDo-9Ch6R5y3CuWTyt1r3ttw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 03:52:01 GMT
age: 33562
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1d929710bbf5d3a500cff064fa28e5
f76fade4eba5e5740d1261a2bce7776719ee477f
bb0b45ede28406534c236881abe011a1b8162a1bcb4cbe61320c613fec5d0010
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7986
x-amzn-requestid: 366be46e-97f4-4bdc-8341-5bf87438ad86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbPvEezoAMF6ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47264-7eef208b3ec703b82d792537;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _cMoPRYYqsc6B6TWFkmrfDMCleAW2jWn5FXGmjay279Bf3tppH60hQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:04:21 GMT
age: 54422
etag: "f76fade4eba5e5740d1261a2bce7776719ee477f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cff4cbad17919648f62b3582f49c404b
65b8056061916928e309bb983129353a577c2b89
f6ba13b6fd5a6a39f0a34b406b39471f02c6f5fd72813db64585a8e795ec44a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: c14aa47a-3e94-491a-95ab-beae1f5bdb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbKtFrIoAMFt5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47244-3a6b3c4b4b35ba8f57aa449a;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: quy8cULp0c0o6cHatiXz8R9t9hvQyus52_hOWSReahePmcxb6hOT4A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:26 GMT
age: 55017
etag: "65b8056061916928e309bb983129353a577c2b89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n-uzZFYeVcR7YP4lVhGVKFmINHUwd3kNcJIAJiRJW5maf_MqufqU8g==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 05:42:23 GMT
age: 26940
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:06:50 GMT
age: 54273
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-how_1.svg
104.199.174.226200 OK 2.2 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-how_1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash bbe992081ceda3e870acabe83945a340
0a891f1a3a76352fea55337cb974656951d96890
5574592f776e6cbb5806d263e9a2bde2b647d55a1c1ed6bdf0ea9b506278589c
GET /wp-content/uploads/2020/11/i-how_1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 2195
last-modified: Wed, 18 Nov 2020 04:49:03 GMT
etag: "5fb4a7bf-893"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-steps_2.svg
104.199.174.226200 OK 1.6 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-steps_2.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash f7a8477518d8fd72896710dbf209262a
b55239fa703e1a299b32c20a59a499b802331c28
f25c0f7c8ec83cc5628193eaad246011c3652aa19fc63d02a2d262a43e4c82cb
GET /wp-content/uploads/2020/11/i-steps_2.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 1624
last-modified: Wed, 18 Nov 2020 04:49:49 GMT
etag: "5fb4a7ed-658"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-steps_3.svg
104.199.174.226200 OK 1.8 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-steps_3.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (458)
Hash 1379159a5f6b23ad0dea0dbfb6f5a0e3
032b9a162bf67cba67713228d705483e3527ce7f
f18dc7c59350327089910d76da9566164f9bba7998d13640ee83bd944e4320db
GET /wp-content/uploads/2020/11/i-steps_3.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 1783
last-modified: Wed, 18 Nov 2020 04:51:59 GMT
etag: "5fb4a86f-6f7"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_1_green-1.svg
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_1_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1538), with no line terminators
Hash 9dbaec4201c0e998c133732880dc0864
86c02e16974297cd1bd5d45c5e1ac66ddc3dee29
cb3e8e4859093e89b1d21d1576906fd4d6c6a751751bfe043b8638dc7753be14
GET /wp-content/uploads/2020/11/i-reasons_1_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 1538
last-modified: Wed, 18 Nov 2020 04:57:36 GMT
etag: "5fb4a9c0-602"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_2_green-1.svg
104.199.174.226200 OK 858 B URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_2_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (858), with no line terminators
Hash 3e21a244d96816b38343c67d82fb4f05
8730cb83c944f17647a8b321e1fd78268a83b640
b6d362c23e82b593bf038cfe55f5c85d0535e15b9fc9db8aa9712bafe5e684b4
GET /wp-content/uploads/2020/11/i-reasons_2_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 858
last-modified: Wed, 18 Nov 2020 04:59:00 GMT
etag: "5fb4aa14-35a"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/i-reasons_3_green-1.svg
104.199.174.226200 OK 1.1 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/i-reasons_3_green-1.svg
IP 104.199.174.226:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash 97c4eccaa4ac732f2e2e4a6757b1bb49
13c0a3eaa54ab982be99f035568dc0572744ea5e
c0e3cfe56af7487638e4176f22570735247bbff9c3df9926838a4d3904dcfb66
GET /wp-content/uploads/2020/11/i-reasons_3_green-1.svg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/svg+xml
content-length: 1086
last-modified: Wed, 18 Nov 2020 05:03:00 GMT
etag: "5fb4ab04-43e"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/lang-ua-1.png
104.199.174.226200 OK 1.0 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/lang-ua-1.png
IP 104.199.174.226:0
File type PNG image data, 23 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 61eba36d5fbe21c9939b634db02f4b10
d3b0b827db9985a26e5cef52054f646d188823bb
18c656b087026e2bda87dcd6ab2a0f28f652b2f6f717c8bc9e687ca77d578f13
GET /wp-content/uploads/2020/11/lang-ua-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1004
last-modified: Wed, 18 Nov 2020 12:08:37 GMT
etag: "5fb50ec5-3ec"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/lang-kz-1.png
104.199.174.226200 OK 1.2 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/lang-kz-1.png
IP 104.199.174.226:0
File type PNG image data, 23 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash a1f8ce07c5b258bcf9d3f87e97839e6a
d2dcb47e913c81a21c63e06afcf1a667c0abfa68
397e11f6a23a9ecdf1f857a1cf5ff5c50a16419b4d305710e8413facaaaf7653
GET /wp-content/uploads/2020/11/lang-kz-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1210
last-modified: Wed, 18 Nov 2020 12:09:16 GMT
etag: "5fb50eec-4ba"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/spain.png
104.199.174.226200 OK 1.7 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/spain.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash cd76bc84baf38cb0522e0a4d2963ea41
c03cc37291a5366cd84bbdb12951f1f9cf5d966f
3f29a545d56e5439a36ca91838c9e098a8cc3b362b2cbf8520dfa50055da69ac
GET /wp-content/uploads/2020/11/spain.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1701
last-modified: Wed, 18 Nov 2020 12:10:10 GMT
etag: "5fb50f22-6a5"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/argentina.png
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/argentina.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a57d03724b59d3ff7d901b20dd7be330
8320d08ef5f38275b1412d43bc67a7bf668a4250
afa283c3e80121f370cb92a0cc51a2ffca80ab2415c143582b5ec7d24696c199
GET /wp-content/uploads/2020/11/argentina.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1462
last-modified: Wed, 18 Nov 2020 12:10:56 GMT
etag: "5fb50f50-5b6"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/mexica.png
104.199.174.226200 OK 1.5 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/mexica.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 2d8d8375b7c8d0f8beb201510102191c
35135479a0f29b69742a877868371f497c7aa645
0b58413e8d4bd344766906b69ea9f2f410ac489dcbc80fa289af194a2f7f39d7
GET /wp-content/uploads/2020/11/mexica.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1472
last-modified: Wed, 18 Nov 2020 12:11:50 GMT
etag: "5fb50f86-5c0"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/columbia.png
104.199.174.226200 OK 1.1 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/columbia.png
IP 104.199.174.226:0
File type PNG image data, 40 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash f772afdd01bc7592150ebfac13889633
801eba7697305e448173884bc5c1b6106de28963
2aa27cf79d861f2f609fc1121f34deb26370e212905d12fcef5eacc824cf04f8
GET /wp-content/uploads/2020/11/columbia.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: image/png
content-length: 1080
last-modified: Wed, 18 Nov 2020 12:12:34 GMT
etag: "5fb50fb2-438"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-P0PQP531VF>m=2oe1a1&_p=1344404347&cid=1242986659.1673874684&ul=en-us&sr=1280x1024&_s=1&sid=1673874684&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&dt=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-P0PQP531VF>m=2oe1a1&_p=1344404347&cid=1242986659.1673874684&ul=en-us&sr=1280x1024&_s=1&sid=1673874684&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&dt=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-P0PQP531VF>m=2oe1a1&_p=1344404347&cid=1242986659.1673874684&ul=en-us&sr=1280x1024&_s=1&sid=1673874684&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&dt=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://crezu.ph
date: Mon, 16 Jan 2023 13:11:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 16a5db1410dc1b8eff1761eb5e9b205f
f296c5f71e2ec50aa1f1e19fabb8d78a302c3109
89d174e397468e990e8f98bd7d67d5500b33da6814de2ea2327f85d616800ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:40:19 GMT
Expires: Sun, 22 Jan 2023 03:40:18 GMT
Etag: "f296c5f71e2ec50aa1f1e19fabb8d78a302c3109"
Cache-Control: max-age=483533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718c21bd30b69-OSL
crezu.ph/wp-content/uploads/2020/11/main-bg-1.jpg
104.199.174.226200 OK 78 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/main-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1059, components 3\012- data
Hash 63e47dec6ec30bbb7b60fdd2f7a4a072
a5a83dbf7cd9ff7702b6a917857df5c34357dabd
efedacc636328d2abf34a81397bd7479678c36c4fd81d561b7bd1874d4d2a394
GET /wp-content/uploads/2020/11/main-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Cookie: _gcl_au=1.1.1032702148.1673874684; _ga_P0PQP531VF=GS1.1.1673874684.1.0.1673874684.0.0.0; _ga=GA1.1.1242986659.1673874684; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:24 GMT
content-type: image/jpeg
content-length: 78316
last-modified: Wed, 18 Nov 2020 04:43:58 GMT
etag: "5fb4a68e-131ec"
expires: Tue, 16 Jan 2024 13:11:24 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 16 Jan 2023 12:41:07 GMT
expires: Mon, 16 Jan 2023 14:41:07 GMT
cache-control: public, max-age=7200
age: 1817
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6481
Cache-Control: max-age=126436
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:24 GMT
Etag: "63c47e8f-1d7"
Expires: Wed, 18 Jan 2023 00:18:40 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: QdisGVAT0AdS40dtOGo6Y6uY5vE0rYNdcU+hL77yb+FDyrDVmTSqS2eZOH5uqHUxZ+7j+1v6bRIgNz+J4G6azw==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Mon, 16 Jan 2023 13:11:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6481
Cache-Control: max-age=126436
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:24 GMT
Etag: "63c47e8f-1d7"
Expires: Wed, 18 Jan 2023 00:18:40 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash 2ec8b161bac778a4fb567bf3e961d9d3
59338be71794647d08e289db119bfc4116d9e7bf
940b49af13a93deb4aa9252692e02b80fe77818e731077227305ffc062828f06
GET /pagead/js/adsbygoogle.js?client=ca-pub-6373705936907274 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 16 Jan 2023 13:11:24 GMT
expires: Mon, 16 Jan 2023 13:11:24 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4865411369177391688
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49570
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/?random=1673874684085&cv=11&fst=1673874684085&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&auid=1032702148.1673874684&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.66200 OK 993 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/?random=1673874684085&cv=11&fst=1673874684085&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&auid=1032702148.1673874684&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2213), with no line terminators
Hash e3aea032d62e286ef4e813972a28b854
cc5b1512996bfe5701f0e1aeedcaccb49e1a0924
d2b4e18e62438bb7e5ef26fde7fd218637c180462b1dc0c15483b3a97b50f10d
GET /pagead/viewthroughconversion/790050544/?random=1673874684085&cv=11&fst=1673874684085&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&auid=1032702148.1673874684&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 13:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 993
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 13:26:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 15 Jan 2023 22:41:44 GMT
expires: Sun, 29 Jan 2023 22:41:44 GMT
cache-control: public, max-age=1209600
age: 52181
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/reasons-bg-1.jpg
104.199.174.226200 OK 26 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/reasons-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1059, components 3\012- data
Hash 02e092c5f202def3e9eac031f95eb48c
3b4237e861aa593c0ee3aa82fbf8e4288cdf5d20
f09ef1cc5d6a8adf77b56ca0eaecabf79f203c54adc4b819dfcb80da9b3f66c1
GET /wp-content/uploads/2020/11/reasons-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Cookie: _gcl_au=1.1.1032702148.1673874684; _ga_P0PQP531VF=GS1.1.1673874684.1.0.1673874684.0.0.0; _ga=GA1.1.1242986659.1673874684; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:24 GMT
content-type: image/jpeg
content-length: 25669
last-modified: Wed, 18 Nov 2020 04:56:01 GMT
etag: "5fb4a961-6445"
expires: Tue, 16 Jan 2024 13:11:24 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/p-testimonials-1.png
104.199.174.226200 OK 44 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/p-testimonials-1.png
IP 104.199.174.226:0
File type PNG image data, 515 x 515, 4-bit colormap, non-interlaced\012- data
Hash 5129082012a1cdc5ece89f3e6188f836
20d34ebc2acd372d68666fa593734f6ddaaa0dc7
787a65143a1dce74ed95f22008c82c03c5a85ad6f70ab2383b1911adacbb4f58
GET /wp-content/uploads/2020/11/p-testimonials-1.png HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Cookie: _gcl_au=1.1.1032702148.1673874684; _ga_P0PQP531VF=GS1.1.1673874684.1.0.1673874684.0.0.0; _ga=GA1.1.1242986659.1673874684; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:24 GMT
content-type: image/png
content-length: 44384
last-modified: Wed, 18 Nov 2020 05:04:04 GMT
etag: "5fb4ab44-ad60"
expires: Tue, 16 Jan 2024 13:11:24 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/11/cta-bg-1.jpg
104.199.174.226200 OK 46 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/11/cta-bg-1.jpg
IP 104.199.174.226:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x769, components 3\012- data
Hash 2aecb34c19abfc82857e24a295304c34
be5c553d479b94d326d289586a059d2c44cd2927
172e470842d47668241da11a8e495b5fa3e5a3cb4c62b8cc9b794b3f52d3828b
GET /wp-content/uploads/2020/11/cta-bg-1.jpg HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Cookie: _gcl_au=1.1.1032702148.1673874684; _ga_P0PQP531VF=GS1.1.1673874684.1.0.1673874684.0.0.0; _ga=GA1.1.1242986659.1673874684; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:24 GMT
content-type: image/jpeg
content-length: 46358
last-modified: Wed, 18 Nov 2020 05:58:11 GMT
etag: "5fb4b7f3-b516"
expires: Tue, 16 Jan 2024 13:11:24 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.ph/wp-content/uploads/2020/12/favicon.ico
104.199.174.226200 OK 1.2 kB URL HTTP/2 crezu.ph/wp-content/uploads/2020/12/favicon.ico
IP 104.199.174.226:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3c8ab0dad807a7a2e7b8222c08070f94
c7123a2cd64c91d5542b920d5abb3ddb0aa12402
7ab970a4b7b0d077f91ec990046d5610af466b333c6a8ee5a72018b2f79011c0
GET /wp-content/uploads/2020/12/favicon.ico HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Cookie: _gcl_au=1.1.1032702148.1673874684; _ga_P0PQP531VF=GS1.1.1673874684.1.0.1673874684.0.0.0; _ga=GA1.1.1242986659.1673874684; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-16%2013%3A11%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_first=typ%3Dutm%7C%7C%7Csrc%3Daffiliation%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3Dleadbazaar%7C%7C%7Ccnt%3D63c54cf9c5c3ad0001c43d01%7C%7C%7Ctrm%3D4; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01; rsns_cnt_1=800231; rsns_cnt_2=1326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:24 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sun, 06 Dec 2020 19:42:04 GMT
etag: "5fcd340c-47e"
expires: Tue, 16 Jan 2024 13:11:24 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6db0ab20925a64068987b60dd6f72f9a
38d0bea36fbf16ec63bec71cb3bbe743541458b1
74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 13:11:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/790050544/?random=1673874684085&cv=11&fst=1673874000000&bg=ffffff&guid=ON&async=1>m=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&tiba=Fast%20Online%20Loans%20in%20Philippines%3A%201st%20Credit%20with%200%25%20-%20CREZU&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3348511530&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 13:11:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
crezu.ph/wp-includes/js/jquery/jquery-migrate.min.js
104.199.174.226200 OK 4.6 kB URL HTTP/2 crezu.ph/wp-includes/js/jquery/jquery-migrate.min.js
IP 104.199.174.226:0
Hash 19787351066fb2b07442961ccd61cdb2
5a831b973d68cd2d9c38ba41488df9365f4b4b60
3a10f58d38af628d6be1bfd5bd0eaa6db52ff60b7af983f0f85196ddda1f287e
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: application/javascript
last-modified: Fri, 22 Oct 2021 04:41:02 GMT
vary: Accept-Encoding
etag: W/"617240de-2bd8"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1242986659.1673874684&jid=1582344257&gjid=2061841338&_gid=262608569.1673874686&_u=YADAAEAAAAAAACAEK~&z=1085461700
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1242986659.1673874684&jid=1582344257&gjid=2061841338&_gid=262608569.1673874686&_u=YADAAEAAAAAAACAEK~&z=1085461700
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-146365158-1&cid=1242986659.1673874684&jid=1582344257&gjid=2061841338&_gid=262608569.1673874686&_u=YADAAEAAAAAAACAEK~&z=1085461700 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://crezu.ph
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 16 Jan 2023 13:11:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9fce534630aa72d8eed86f47d054e241
b03d1933fe2a63c4e983992905e2145d187047e4
c5f23f70521f9fdea1d4b9180293c30d04e6476bad539415a073db4dc46334ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=crezu.ph
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=crezu.ph
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.ph HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 16 Jan 2023 13:11:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1
142.250.74.34200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1
IP 142.250.74.34:0
File type ASCII text, with very long lines (383), with no line terminators
Hash 2588c3857a38cf062797bb41426986eb
0db63e3623df0c549e1e936fc113209a55f09899
a9c04791f535771938f5fe08fb7a9a340fd97f4f49374adcb6ee0375c2429796
GET /gampad/cookie.js?domain=crezu.ph&callback=_gfp_s_&client=ca-pub-6373705936907274&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 16 Jan 2023 13:11:25 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=crezu.ph
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=crezu.ph
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.ph HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 16 Jan 2023 13:11:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9fce534630aa72d8eed86f47d054e241
b03d1933fe2a63c4e983992905e2145d187047e4
c5f23f70521f9fdea1d4b9180293c30d04e6476bad539415a073db4dc46334ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&rl=&if=false&ts=1673874686313&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673874686313.1899762065&it=1673874685819&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&rl=&if=false&ts=1673874686313&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673874686313.1899762065&it=1673874685819&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2589070887780218&ev=PageView&dl=https%3A%2F%2Fcrezu.ph%2F%3Futm_source%3Daffiliation%26utm_medium%3Dcpa%26utm_campaign%3Dleadbazaar%26utm_term%3D4%26utm_content%3D63c54cf9c5c3ad0001c43d01&rl=&if=false&ts=1673874686313&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673874686313.1899762065&it=1673874685819&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Jan 2023 13:11:25 GMT
X-Firefox-Spdy: h2
crezu.ph/wp-includes/js/jquery/jquery.min.js
104.199.174.226200 OK 32 kB URL HTTP/2 crezu.ph/wp-includes/js/jquery/jquery.min.js
IP 104.199.174.226:0
Hash c8f2d6ec91c5228c1d7a281f6e805235
a918fedb6eab0b62a10b95a3c11a67e020c521a5
7b76c60c14c7cafc39b28da35c01c3df14b258165a0986d2e32dfa6a1876bb49
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:23 GMT
content-type: application/javascript
last-modified: Fri, 22 Oct 2021 04:41:02 GMT
vary: Accept-Encoding
etag: W/"617240de-15db1"
expires: Tue, 16 Jan 2024 13:11:23 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
216.58.211.3200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (2630)
Hash 07d9fc34dd6c802cd322fbf6610fd6e6
2ae9051b3d1d380e364c287f4d40dbd7dc3ac776
1ae14752e0fd53b7eab881df1cfeae4ac5c7279b2a7988e6502c9e33841bfdff
GET /mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:00 GMT
expires: Tue, 11 Apr 2023 01:56:00 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 472525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ed6f1fcdd88bc8a644e866bcfa98fb62
b9943a1ea29959b43676aa014bf4fa31189f39c2
41fb30ab2a1a938ac81703724dc912c96dd82e3caebea9f6f262e8471312124a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ed6f1fcdd88bc8a644e866bcfa98fb62
b9943a1ea29959b43676aa014bf4fa31189f39c2
41fb30ab2a1a938ac81703724dc912c96dd82e3caebea9f6f262e8471312124a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
216.58.211.3200 OK 4.5 kB URL HTTP/2 www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight
IP 216.58.211.3:0
File type C++ source, ASCII text, with very long lines (1812)
Hash 27a508710464f863df3ded1a2fe0d268
3cc34753fe3e8a093f3041a40d10c2287f02d87b
22faed1b7b02490bc8c70376d433791bd078cdefa93895c6bbb54d797b5a0cc0
GET /mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:35 GMT
expires: Tue, 11 Apr 2023 01:56:35 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 472490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
172.217.21.161200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Sun, 15 Jan 2023 19:08:53 GMT
expires: Sun, 29 Jan 2023 19:08:53 GMT
cache-control: public, max-age=1209600
age: 64952
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Sun, 15 Jan 2023 19:13:19 GMT
expires: Sun, 29 Jan 2023 19:13:19 GMT
cache-control: public, max-age=1209600
age: 64686
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 14:34:21 GMT
expires: Fri, 12 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
age: 340625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14563), with no line terminators
Hash 2c9aa1799a2e62367d7849f86404c3bd
a71b0fbc9b95865532fac2fc73c63c66644e1c5c
0dc236413af4575920846bccd97d4bb05ca58f1a8925161e62d785e7f84e8b34
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.ph
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 16 Jan 2023 13:11:26 GMT
server: cafe
content-length: 10993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 00f7b7f85d9a3613966bbbfc30c86b3d
1c57b244c679d04425632265b8f93c95fe4bed4b
51f1c7a7ea904095a8ae3f6a7dd565445bdb17a6be638aac2e69b651a41164e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: max-age=115790
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:27 GMT
Etag: "63c45f96-116"
Expires: Tue, 17 Jan 2023 21:21:17 GMT
Last-Modified: Sun, 15 Jan 2023 20:18:30 GMT
Server: ECS (amb/6BA2)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 00f7b7f85d9a3613966bbbfc30c86b3d
1c57b244c679d04425632265b8f93c95fe4bed4b
51f1c7a7ea904095a8ae3f6a7dd565445bdb17a6be638aac2e69b651a41164e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: max-age=115790
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:11:27 GMT
Etag: "63c45f96-116"
Expires: Tue, 17 Jan 2023 21:21:17 GMT
Last-Modified: Sun, 15 Jan 2023 20:18:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9e620a90141f9ea77cc52b507002f08
4e57b352fec9a38214bf79c57acd0f2f57186af5
faf6f9c8e63039fff0d14175c85c0bbcc9258e0ff074076d65d7beb7d931e52a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAF6F9C8E63039FFF0D14175C85C0BBCC9258E0FF074076D65D7BEB7D931E52A"
Last-Modified: Sun, 15 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6461
Expires: Mon, 16 Jan 2023 14:59:08 GMT
Date: Mon, 16 Jan 2023 13:11:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9e620a90141f9ea77cc52b507002f08
4e57b352fec9a38214bf79c57acd0f2f57186af5
faf6f9c8e63039fff0d14175c85c0bbcc9258e0ff074076d65d7beb7d931e52a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAF6F9C8E63039FFF0D14175C85C0BBCC9258E0FF074076D65D7BEB7D931E52A"
Last-Modified: Sun, 15 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6431
Expires: Mon, 16 Jan 2023 14:58:38 GMT
Date: Mon, 16 Jan 2023 13:11:27 GMT
Connection: keep-alive
events.crezu.net/api/event
35.240.92.105204 No Content 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crezu.ph/
Origin: https://crezu.ph
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 16 Jan 2023 13:11:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
events.crezu.net/api/event
35.240.92.105201 Created 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.ph/
Content-Type: application/json
Origin: https://crezu.ph
Content-Length: 246
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 16 Jan 2023 13:11:27 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
google.com/
142.250.74.14301 Moved Permanently 220 B IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 276bbb20c29087e88db63899fd8f9129
b52854d1f79de5ebeebf0160447a09c7a8c2cde4
5b61b0c2032b4aa9519d65cc98c6416c12415e02c7fbbaa1be5121dc75162edb
GET / HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicfin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.google.com/
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Mon, 16 Jan 2023 13:11:27 GMT
expires: Mon, 16 Jan 2023 13:11:27 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+839; expires=Wed, 15-Jan-2025 13:11:27 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=442992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718e3b9130b41-OSL
cdn.morecashpls.com/landings/css/push-v3.css
34.107.249.96200 OK 7.3 kB URL HTTP/2 cdn.morecashpls.com/landings/css/push-v3.css
IP 34.107.249.96:0
Hash 6fea55cbf2154e880da7c3ee70235618
6b40bce15a9d0937e152c600958ee9a15367d727
4be0b820715f7790c83bae5c2c632688039a7875d577c0813c3f139a386793aa
GET /landings/css/push-v3.css HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 1254
date: Wed, 11 Jan 2023 10:08:06 GMT
expires: Wed, 18 Jan 2023 10:08:06 GMT
cache-control: max-age=604800,public
age: 443002
last-modified: Tue, 19 Jul 2022 08:15:29 GMT
etag: W/"62d66821-14e0"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.morecashpls.com/landings/img/i-push-01.svg
34.107.249.96200 OK 1.4 kB URL HTTP/2 cdn.morecashpls.com/landings/img/i-push-01.svg
IP 34.107.249.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 050c4f432d5c68e5d8efc4afbda71930
635f6e484ce444e6f237899b553596f504722a41
5bacac65cd03f5724f8e242261b6cd170831f4783c2f46c5885a9c32fdf84850
GET /landings/img/i-push-01.svg HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
content-length: 1391
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
date: Fri, 13 Jan 2023 20:40:33 GMT
expires: Fri, 20 Jan 2023 20:40:33 GMT
cache-control: max-age=604800,public
age: 232255
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
etag: "5e4d5e4b-56f"
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
clicfin.com/?gp=1
104.21.39.23200 OK 21 kB IP 104.21.39.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (386)
Hash 346f072d4f91e785bcb9009e8ed29960
5a9fc2b745a602a225ac2768f5a854be4210075e
a5de70e909fe6859b987fd44f2e969c33a0967f50b5b29bfb9ec298c66accce2
GET /?gp=1 HTTP/1.1
Host: clicfin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:11:27 GMT
content-type: text/html
last-modified: Mon, 02 Aug 2021 09:33:17 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTo10aOWwyE8kgM4EfzCz74QoBHjC%2F2jvMl2xQC9Mw6WAx%2FaAXr%2BZ%2FbPjI%2B3WmSwzY3jC%2BM6RszMEgldtGMVO%2BjOo4CuGJV5vVF5QgQ6PIFvGkEdtNWCaNRVEmJtag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a718dd3cf50b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.morecashpls.com/landings/img/i-push-close.svg
34.107.249.96200 OK 639 B URL HTTP/2 cdn.morecashpls.com/landings/img/i-push-close.svg
IP 34.107.249.96:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a942d9fd63a2eebe28676f7c9c463596
06cb2b6fbc48a08c06dd5396b647e7d64d2d0c46
5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f
GET /landings/img/i-push-close.svg HTTP/1.1
Host: cdn.morecashpls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.ph/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
content-length: 639
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
date: Sun, 15 Jan 2023 21:22:35 GMT
expires: Sun, 22 Jan 2023 21:22:35 GMT
cache-control: max-age=604800,public
age: 56933
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
etag: "5e4d5e4b-27f"
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=442992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718e45de70b69-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=442992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718e3cf24b521-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=442992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718e3cf1c0b49-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5a7d78a934e019572bffd8309c2e124
b8d6135f60ab93aa65301180136ad2d610a0925c
dd573f87e29550db1b2482578c878195e42182e0d2e275bab15583f918a18841
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:11:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 16:24:42 GMT
Expires: Sat, 21 Jan 2023 16:24:41 GMT
Etag: "b8d6135f60ab93aa65301180136ad2d610a0925c"
Cache-Control: max-age=442991,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a718e3ccb0b51d-OSL
crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
104.199.174.226200 OK 0 B URL HTTP/2 crezu.ph/?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01
IP 104.199.174.226:0
GET /?utm_source=affiliation&utm_medium=cpa&utm_campaign=leadbazaar&utm_term=4&utm_content=63c54cf9c5c3ad0001c43d01 HTTP/1.1
Host: crezu.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:11:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://crezu.ph/>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.106:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 16 Jan 2023 13:11:26 GMT
date: Mon, 16 Jan 2023 13:11:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2