crezu.co Open in urlscan Pro
35.201.243.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cru.si/nl99r
Effective URL:
https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-c...
Submission: On October 02 via manual (October 2nd 2023, 5:23:03 am UTC) from CO — Scanned from DE

Summary HTTP 91 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 13 domains to perform 91 HTTP transactions. The main IP is 35.201.243.240, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is crezu.co.
TLS certificate: Issued by R3 on August 16th 2023. Valid for: 3 months.

This is the only time crezu.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.21.60.93 104.21.60.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.241.222.91 35.241.222.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.90.63.227 34.90.63.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
32	35.201.243.240 35.201.243.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	35.201.76.189 35.201.76.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.77.94.206 34.77.94.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	35.240.92.105 35.240.92.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
9	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
91	21

2 104.21.60.93 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cru.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.222.91 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.222.241.35.bc.googleusercontent.com

sl.crezu.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sl.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.63.227 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.63.90.34.bc.googleusercontent.com

track.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 35.201.243.240 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.243.201.35.bc.googleusercontent.com

crezu.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.201.76.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.76.201.35.bc.googleusercontent.com

cdn.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.77.94.206 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.94.77.34.bc.googleusercontent.com

workers.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.240.92.105 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.92.240.35.bc.googleusercontent.com

events.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	crezu.co 1 redirects sl.crezu.co crezu.co	755 KB
18	crezu.net 1 redirects track.crezu.net — Cisco Umbrella Rank: 841925 cdn.crezu.net — Cisco Umbrella Rank: 635254 workers.crezu.net — Cisco Umbrella Rank: 756469 sl.crezu.net — Cisco Umbrella Rank: 805029 events.crezu.net — Cisco Umbrella Rank: 636098	470 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	339 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	142 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11	1 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	602 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	161 KB
2	cru.si 2 redirects cru.si	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	58 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
91	13

	Domain	Requested by
32	crezu.co	crezu.co
13	cdn.crezu.net	crezu.co cdn.crezu.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	analytics.google.com	www.googletagmanager.com
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	crezu.co
2	events.crezu.net	cdn.crezu.net
2	connect.facebook.net	cdn.crezu.net connect.facebook.net
2	www.googletagmanager.com	cdn.crezu.net www.googletagmanager.com
2	cru.si	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	sl.crezu.net	cdn.crezu.net
1	workers.crezu.net	cdn.crezu.net
1	track.crezu.net	1 redirects
1	sl.crezu.co	1 redirects
91	23

This site contains links to these domains. Also see Links.

Domain
track.crezu.net
unsub.crezu.net
play.google.com
crezu.es
crezu.mx
crezu.pe
crezu.pl
crezu.ro
crezu.kz
crezu.ph
crezu.vn
crezu.lk

Subject Issuer	Validity	Valid
crezu.co R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
cdn.crezu.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-12-30`	a year	crt.sh
workers.crezu.net R3	`2023-08-18` - `2023-11-16`	3 months	crt.sh
sl.crezu.net R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-11` - `2023-10-09`	3 months	crt.sh
events.crezu.net R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Frame ID: C9330EC5A4EB0F481034B62FC3BA08A5
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: A558BA19742DA0FE1080D9CF5AB0D54C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=5732873755&adk=3816831865&adf=4183771420&pi=t.ma~as.5732873755&w=900&fwrn=4&fwrnh=100&lmt=1693286419&rafmt=1&format=900x280&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179260&bpp=3&bdt=2591&idt=354&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=3449489599742&frm=20&pv=2&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5EyxjSCx2V&p=https%3A//crezu.co&dtd=377
Frame ID: A850B3ACA7747C7C7D76F0F9B1A88D05
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1693286419&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179277&bpp=1&bdt=2608&idt=371&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280&nras=1&correlator=3449489599742&frm=20&pv=1&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=382
Frame ID: 578B5DFFC6FD41861A7B3EDD20B5E329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=1573534164&lmt=1693286419&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179279&bpp=1&bdt=2609&idt=397&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280%2C0x0&nras=2&correlator=3449489599742&frm=20&pv=1&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=401
Frame ID: 9ABAC16365CEEFB295102C8E0924674F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: E15AFB9B0E794C1079CDFDC9BFD924B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Frame ID: 8757A9DA5AFF802939DC414CEDD98D70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA94C6780883D3FB9648C029DE58B094
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 501D774DE22873B22AE891964CC98973
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tus ofertas personales de préstamos en Crezu.co

Page URL History Show full URLs

http://cru.si/nl99r HTTP 301
https://cru.si/nl99r HTTP 302
https://sl.crezu.co/crm?lead_id=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d... HTTP 302
https://track.crezu.net/click?offer_id=250&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&pid=2&sub2=co-sms-w... HTTP 302
https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-re... Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

91
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

23
Subdomains

21
IPs

6
Countries

2062 kB
Transfer

4697 kB
Size

20
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://track.crezu.net/click?offer_id=313&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=0&sub3=sl-crm&sub6=65&r=611
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=411&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=1&sub3=sl-crm&sub6=65&r=281
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=487&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=2&sub3=sl-crm&sub6=65&r=504
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=283&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=3&sub3=sl-crm&sub6=65&r=2
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=554&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=4&sub3=sl-crm&sub6=65&r=980
Title: Solicítala ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=312&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=5&sub3=sl-crm&sub6=65&r=494
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=369&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=6&sub3=sl-crm&sub6=65&r=918
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=89&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=7&sub3=sl-crm&sub6=65&r=367
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=253&pid=2&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2-landing-offers&sub4=8&sub3=sl-crm&sub6=65&r=638
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://unsub.crezu.net/gdpr?country=CO
Title: Darse de baja

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=co.crezu.app&referrer=utm_source%3D(direct)%26utm_medium%3D(none)%26utm_term%3D(none)%26utm_content%3D(none)%26utm_campaign%3D(none)%26gclid%3D

Search URL Search Domain Scan URL

URL: https://crezu.es/

Search URL Search Domain Scan URL

URL: https://crezu.mx/

Search URL Search Domain Scan URL

URL: https://crezu.pe/

Search URL Search Domain Scan URL

URL: https://crezu.pl/

Search URL Search Domain Scan URL

URL: https://crezu.ro/

Search URL Search Domain Scan URL

URL: https://crezu.kz/

Search URL Search Domain Scan URL

URL: https://crezu.ph/

Search URL Search Domain Scan URL

URL: https://crezu.vn/

Search URL Search Domain Scan URL

URL: https://crezu.lk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cru.si/nl99r HTTP 301
https://cru.si/nl99r HTTP 302
https://sl.crezu.co/crm?lead_id=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&landing=offers HTTP 302
https://track.crezu.net/click?offer_id=250&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&pid=2&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub6=65&sub4=0 HTTP 302
https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=CL1Ies1MaZY6LKNjG7_UPuJSWuA_Et7OAc5rau6TkEKSIhZ4LEAEgz8OZc2DJBqABq-yvtgLIAQmpAuaFNZjAB4M-qAMByAPLBKoE4QJP0H5WU9H_aEEIe8lbd84z5zffLeRNlktqIBTTWabUagR0czVlkHtIZpR2ICTDuOI7dU1BjkzIHkUIUKfiYb-oywWeO23tm0kIePRseauI8oUbazHItcZaRAUATDyFoKawS4_x32ZgB4poZG6qUpYQBL_oYP9Decs39eFZQQj2bVP3xrS44DmtWPWMCFd_7iFYcfhkUvs1g5vajug149GC8L5Fd7FeEPxyJcfpFybCTows8yq6iJOK4gh6d46qz7jEmVBHRmq5OqrNxwF2HayE9HV_4x3zV9WUDw_P_cvTlIyFE_Kjs4mE2iNT9ABoBvJ1dRTON1jEn7u_SQwk2gMR89k2BbZaQrsCc8qwEKgGqlIjHgTZYU-TZAX2RGCdyswdSxjEMmR7KtsCsKUEQxumCYsvbsrE_gN7PLhcGZITfcHQse-9DerfNWr4vBO6tDQ8TqQOOFSX1abpqOVS9oeQDsAE3vTGipEEiAXk1LOoRpIFBAgEGAGSBQQIBRgEoAYugAe9k9DJAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPb6FdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk2aHR0cHM6Ly93d3cubWV0cm9vcGluaW9uLmNvbS91cy8_cGJpZD1NVFl6T0RwdFpYUnlidz09gAoByAsB2gwQCgoQ8MiJzMXa8L1PEgIBA7gT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjM3MzcwNTkzNjkwNzI3NBgA&sigh=EePrgT8gWw4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNxDPjUhy9GE9LozfW5qK-yifeBL_8XRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe42509e8c8a51a500000000000000000%22,%222%22:%220xa5621124ef37f3420000000000000000%22,%223%22:%220x285549dd3749bf0000000000000000%22,%224%22:%220xe5c3cdee75952e30000000000000000%22,%225%22:%220xe028ce4e24b9e0360000000000000000%22},%22debug_key%22:%2215621826217028045987%22,%22debug_reporting%22:true,%22destination%22:%22https://metroopinion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650901035%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212725643378276852737%22}&andc=true

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crezu.co/landing/offers/
Redirect Chain

http://cru.si/nl99r
https://cru.si/nl99r
https://sl.crezu.co/crm?lead_id=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&landing=offers
https://track.crezu.net/click?offer_id=250&sub1=85574f7e2eb649d18ba7c3aa5e9cd222&pid=2&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub6=65&sub4=0
https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

50 KB
10 KB

707ms
228ms

Document
text/html

35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.243.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4c43990b8d646a9f0d861e3a38a26793f38ed3f60ae6e0781e07392d35581df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 02 Oct 2023 05:22:56 GMT
etag: W/"64ed9c33-c69a"
expires: Mon, 02 Oct 2023 05:22:55 GMT
last-modified: Tue, 29 Aug 2023 07:20:19 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Mon, 02 Oct 2023 05:22:55 GMT
location: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 78ed31f.modern.js Show response
crezu.co/_nuxt/ 3 KB
2 KB 229ms
227ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/78ed31f.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e684ccfb7c1831eac79cf74a9a5b296cd3f6f69cf7c5e39a9e2de4d9a49ad25

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-d15"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 fd75ef8.modern.js Show response
crezu.co/_nuxt/ 253 KB
81 KB 239ms
237ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/fd75ef8.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: de0b87194f8d482fa3de096066b21a6f4d9b506ca8ff4fd5a8bede856b554e35

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-3f3af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 0e8dac5.modern.js Show response
crezu.co/_nuxt/ 399 KB
122 KB 663ms
661ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/0e8dac5.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e874605ba7234deb81c3e78a86be201d57746f632cb59a5fcac8aec4033f3ef

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-63b05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 0163173.modern.js Show response
crezu.co/_nuxt/ 162 KB
37 KB 663ms
661ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/0163173.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29923470e0a2cf223fbd782e1fc876858c9c86c1d0da27ffeec3fa44dfde6e56

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-28930"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 db77072.modern.js Show response
crezu.co/_nuxt/ 433 B
512 B 663ms
662ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/db77072.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: baacb9354c9828095b1bd82134fa9874ce379139d276b424695a136ce085b9a3

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-1b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 75fdf1b.modern.js Show response
crezu.co/_nuxt/ 47 KB
10 KB 664ms
662ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/75fdf1b.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 448ee7b893d252c24c3a8202f352729d3ef9673706b09c781b6d2ad0bb2f9dce

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-bcff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 d7b5e70.modern.js Show response
crezu.co/_nuxt/ 30 KB
6 KB 664ms
662ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/d7b5e70.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2946918cad4885d884f2e134ba25935c5e54c3c29e7a4a831b7c96d1f82541e8

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-7877"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 state.js Show response
crezu.co/_nuxt/static/1693293605/landing/offers/ 2 KB
1 KB 664ms
663ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/static/1693293605/landing/offers/state.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39a3faa318d7f32986693e35e5e36b5b5904189a7e41d4ec6e4cfd2059e26c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:19 GMT
server: nginx
etag: W/"64ed9c33-79a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 payload.js Show response
crezu.co/_nuxt/static/1693293605/landing/offers/ 80 B
308 B 664ms
663ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/static/1693293605/landing/offers/payload.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a7ef29d3fc71e75ad570a2faaa78d65cf17d29c8bffc019145d1d9599e01265d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:19 GMT
server: nginx
etag: W/"64ed9c33-50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 manifest.js Show response
crezu.co/_nuxt/static/1693293605/ 515 B
447 B 664ms
663ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/static/1693293605/manifest.js
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad8b9da1df9f3fad52543590d6fa507d65b87ed6361266698fe671d565a61bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:22 GMT
server: nginx
etag: W/"64ed9c36-203"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 SFProDisplay-Bold.woff2
crezu.co/fonts/SF_Pro_Display/ 96 KB
97 KB 629ms
628ms Font
application/octet-stream 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://crezu.co/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.243.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: "64ed9c28-18198"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98712
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 SFProDisplay-Medium.woff2
crezu.co/fonts/SF_Pro_Display/ 97 KB
98 KB 629ms
628ms Font
application/octet-stream 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://crezu.co/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.243.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b8da67821e588e3ee5516083d99f1d9907c23a24fcb52dfb3c57cd38924dcef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: "64ed9c28-184f4"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 99572
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 SFProDisplay-Semibold.woff2
crezu.co/fonts/SF_Pro_Display/ 98 KB
98 KB 629ms
628ms Font
application/octet-stream 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://crezu.co/fonts/SF_Pro_Display/SFProDisplay-Semibold.woff2

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.243.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e80a61b2cbc6d6b3b3ed8b50bcd8f6a89f8f5b69460e03f47defe0554c3220d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Origin: https://crezu.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: "64ed9c28-18820"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 100384
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 financial-services.webp
crezu.co/img/ 171 KB
170 KB 615ms
611ms Image
image/webp 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crezu.co/img/financial-services.webp

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

240.243.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ad3475c7f4d70164e0c35e41f5e0af761328897f7a9f374759623ee496dbd65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-2acf0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 logo.svg
crezu.co/img/ 10 KB
4 KB 615ms
611ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/logo.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: be4fe1eb14331ddfa357dee65ac3e9d82400e3b185b05e3f09dbf2f9019b6a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-289f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_spain.svg
crezu.co/img/seo/ 803 B
616 B 616ms
611ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_spain.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 40f9822c8aa42d2c8a21edff1ff8f3f47e3c609819930c2d600dc6a9a68f3449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-323"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_argentina.svg
crezu.co/img/seo/ 1 KB
698 B 616ms
612ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_argentina.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e7da03dcb705259d9e3140bcca74fd52572666e3fd4ef9cd4882071962453fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-404"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_mexico.svg
crezu.co/img/seo/ 1 KB
775 B 616ms
612ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_mexico.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a45c21b79433a9b4d6b55022af7dee5406a06a1de25875d3e9df6a0a0ff625a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-517"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_colombia.svg
crezu.co/img/seo/ 657 B
575 B 616ms
612ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_colombia.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8e2db6817343453d09b11709dc52332a605a51f24b22eed7673233ea8c7c90e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-291"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_peru.svg
crezu.co/img/seo/ 698 B
563 B 616ms
613ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_peru.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e20cf94885ec9fde4b91cfbb735ec0fbd84a9bf25a9eefa1d6ae6570ca737d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-2ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_poland.svg
crezu.co/img/seo/ 506 B
484 B 617ms
613ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_poland.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 56de204768600e666186737da41e893c7d3aacaea1c39fd80465f44392714d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-1fa"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_romania.svg
crezu.co/img/seo/ 843 B
646 B 617ms
613ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_romania.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b5795481ec5bafcc6dda4c3733dd67cd3e0de518f3a8b88b0ed4773540af566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-34b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_kazakhstan.svg
crezu.co/img/seo/ 1 KB
797 B 617ms
614ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_kazakhstan.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0b8a0387614fa2bc4041cc1415388e91bd1c645231e778dfb7bc7d2475ad638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-503"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_philippines.svg
crezu.co/img/seo/ 2 KB
958 B 617ms
614ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_philippines.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba95cea0a3170d231a5d438b5089087b61dfbe09d8daa9140d2dcd14a6f5f922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-6bd"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_vietnam.svg
crezu.co/img/seo/ 606 B
553 B 617ms
615ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_vietnam.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a538319189aa95195c40dd14147a90955ee910e191413c04270d842aabe0902

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-25e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 countryball_sri-lanka.svg
crezu.co/img/seo/ 2 KB
975 B 618ms
615ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/img/seo/countryball_sri-lanka.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e6375eb224adafea4e71b197cfe5408a0b0d8b26f6f68649b0fe69977e48166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:56 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:07 GMT
server: nginx
etag: W/"64ed9c27-649"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:56 GMT

GET
H2 200 dd92d21.modern.js Show response
crezu.co/_nuxt/ 25 KB
5 KB 228ms
228ms Script
application/javascript 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://crezu.co/_nuxt/dd92d21.modern.js
Requested by: Host: crezu.co
URL: https://crezu.co/_nuxt/78ed31f.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b08ee3a8015b3308f8be3f7ccebc5a6df74efbc11ae4a242614ec65e11a17a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5=&sub6=65&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:57 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:08 GMT
server: nginx
etag: W/"64ed9c28-6485"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:57 GMT

GET
H2 200 style.css
cdn.crezu.net/offers/dist/ 60 KB
11 KB 121ms
11ms Stylesheet
text/css 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/style.css
Requested by: Host: crezu.co
URL: https://crezu.co/_nuxt/d7b5e70.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 850fab2afc7a8fb851cfb9e7b710c087b8004caf3f6b132ce0aec5185bf7a5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 11:18:40 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 22 Sep 2023 10:41:10 GMT
server: nginx/1.14.0 (Ubuntu)
age: 237858
etag: W/"650d6f46-f04c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11030
expires: Fri, 06 Oct 2023 11:18:40 GMT

GET
H2 200 offers.iife.js Show response
cdn.crezu.net/offers/dist/ 199 KB
60 KB 123ms
13ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Requested by: Host: crezu.co
URL: https://crezu.co/_nuxt/d7b5e70.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d21402f293010583d285f7244295551849ebee3de56c5286be72c294a4984eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:15:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 22 Sep 2023 10:41:10 GMT
server: nginx/1.14.0 (Ubuntu)
age: 230850
etag: W/"650d6f46-31af1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61429
expires: Fri, 06 Oct 2023 13:15:28 GMT

GET
H2 200 common.js Show response
cdn.crezu.net/common/dist/ 188 KB
55 KB 112ms
23ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/common/dist/common.js
Requested by: Host: crezu.co
URL: https://crezu.co/_nuxt/0e8dac5.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:28:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 230094
etag: W/"64ff343a-2f130"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56489
expires: Fri, 06 Oct 2023 13:28:04 GMT

GET
H/1.1 200
OK / Show response
workers.crezu.net/geoip/ 53 B
521 B 101ms
23ms Fetch
application/json 34.77.94.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://workers.crezu.net/geoip/
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.77.94.206 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.94.77.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18dc7efbbf35c8f5b68c067252948fef7a3562c01163b73cacd0202ef9a4857f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 05:22:58 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 53

GET
H/1.1 200
OK sl-feed Show response
sl.crezu.net/ 51 B
534 B 142ms
54ms XHR
application/json 35.241.222.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sl.crezu.net/sl-feed?lead_id=85574f7e2eb649d18ba7c3aa5e9cd222&page=landing-offers&direction=swap
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.222.91 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.222.241.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3aa9db77c3faef7b08a5973b028736291dd75e782def0d4186513d6d7361e9b6

Request headers

Accept: application/json, text/plain, */*
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 05:22:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 51

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
70 KB 359ms
27ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P

Requested by

Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

298061b6485d501a620524df1008bbd2b70668d268b144c1714795a6fe8cbd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71015
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Oct 2023 05:22:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 333ms
9ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Oct 2023 05:22:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: IP1i/ty7B56Yia9smsHJzCI1GWYJYgblT6HMWy/c428eI9z9+2c7vGY/j8eTUgWy56IDEcD2NOQli/c25ZB71w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 google-play-badge.svg
crezu.co/svg/ 8 KB
3 KB 227ms
226ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/svg/google-play-badge.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff93bde29a517354bff84cdb622cd420f370026d74babb9a61a04f0d4b796d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:06 GMT
server: nginx
etag: W/"64ed9c26-1f38"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:22:58 GMT

GET
H2 200 co_feed.json Show response
cdn.crezu.net/offers_data/configs/ 34 KB
4 KB 48ms
21ms XHR
application/json 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers_data/configs/co_feed.json
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 906dc44f440b886d8a4395dc6c7b40f7f3aa0a9e216a5cf84bb3a258be04bb0c

Request headers

Accept: application/json, text/plain, */*
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 28 Sep 2023 22:04:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6515f861-89b6"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 204
No Content event
events.crezu.net/api/ Frame 0
0 90ms
20ms Preflight
text/plain 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://crezu.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 02 Oct 2023 05:22:58 GMT
Server: nginx/1.18.0 (Ubuntu)

POST
H/1.1 201
Created event Show response
events.crezu.net/api/ 0
402 B 27ms
27ms Fetch 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Oct 2023 05:22:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 wadana.svg
cdn.crezu.net/offers_data/images/ 4 KB
5 KB 27ms
23ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/wadana.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 78d51eb7ffd10c4fbc0925d82deb6a2e5380a365723dd0dba6b8aee83d740201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64f729fc-11c2"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4546
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
H2 200 rayo.svg
cdn.crezu.net/offers_data/images/ 27 KB
27 KB 28ms
24ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/rayo.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 16a688ce02e20635d5a86ce51ebc4bc91d51088412498a45b45100436d2c8c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64f729fc-6c20"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27680
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
H2 200 dr-peso_logo_1.svg
cdn.crezu.net/offers_data/images/ 3 KB
4 KB 25ms
21ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/dr-peso_logo_1.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e255273ab58ef2026608b575f0c3a90c4b6ed5b47efeac22b2036c03c0aaf31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 01:47:57 GMT
via: 1.1 google
last-modified: Wed, 14 Sep 2022 13:37:35 GMT
server: nginx/1.14.0 (Ubuntu)
age: 12901
etag: "6321d91f-d94"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3476
expires: Mon, 09 Oct 2023 01:47:57 GMT

GET
H2 200 presta-en-linea.svg
cdn.crezu.net/offers_data/images/ 13 KB
13 KB 27ms
23ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/presta-en-linea.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6eb40ce5abb2c8d309e59854fffaf57b87ee2a4a3e5bfd5d5a1919498e8c8067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64f729fc-3463"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13411
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
H2 200 bbva_card.png
cdn.crezu.net/offers_data/images/ 103 KB
103 KB 17ms
14ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/bbva_card.png
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c3c34de642bb96fa96f4bdc2406ddd5fed47f1e4ffa5a73d8eb0d53092483b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 00:25:06 GMT
via: 1.1 google
last-modified: Tue, 05 Apr 2022 11:30:53 GMT
server: nginx/1.14.0 (Ubuntu)
age: 104272
etag: "624c286d-19ad2"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105170
expires: Sun, 08 Oct 2023 00:25:06 GMT

GET
H2 200 holacredy.svg
cdn.crezu.net/offers_data/images/ 4 KB
4 KB 26ms
23ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/holacredy.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3764419f41844eb644d48b3445f3a81370088a4dbeced4314af67a84c404cc75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64f729fc-f6d"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3949
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
H2 200 desvarum.svg
cdn.crezu.net/offers_data/images/ 5 KB
5 KB 30ms
28ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/desvarum.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c85b00c781c8067679b3b36492384671e921acb2f912bae134e3744dcdd06220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64f729fc-1511"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5393
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
H2 200 rapicredit.svg
cdn.crezu.net/offers_data/images/ 12 KB
12 KB 24ms
21ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/rapicredit.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 495038404ebdc4f45b1611643205b038f26238781b06a804ae5a460d3124ce76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 21:52:33 GMT
via: 1.1 google
last-modified: Tue, 05 Sep 2023 13:15:40 GMT
server: nginx/1.14.0 (Ubuntu)
age: 27025
etag: "64f729fc-2fdb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12251
expires: Sun, 08 Oct 2023 21:52:33 GMT

GET
H2 200 Dinero_2.svg
cdn.crezu.net/offers_data/images/ 165 KB
165 KB 30ms
28ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/Dinero_2.svg
Requested by: Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 61468f8f9d7a457b03dbef98d6f51ba7da537e73d567ececcb959252ccea7b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
via: 1.1 google
last-modified: Thu, 25 Aug 2022 10:57:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6307557e-293e9"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168937
expires: Mon, 09 Oct 2023 05:22:58 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e4f06afb616e6a1f73c494f05d0c4615729cdc4570efd6c41f6eef607425e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1094441194305104 Show response
connect.facebook.net/signals/config/ 131 KB
35 KB 204ms
204ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1094441194305104?v=2.9.131&r=stable&domain=crezu.co

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b39d354e33d0f0291d80a99bf27457ed8171759813d524e5bc3fe26d3152c5b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Oct 2023 05:22:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: w+wgzdJRxW2QCRCbqBl0tn3qsDwpGZsN1VmttAWSUHS/iZtoKJDb+2Q/CiM7e5u9zommdWMszmjTLv9431NdnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 445ms
104ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4ad37591caad98e38034f270e41ff344450e7c504f6330a8ea29b90b1ee8250a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50777
x-xss-protection: 0
server: cafe
etag: 15580180420020652211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 05:22:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 29ms
28ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b87ce3ad9bcd1db6926077e2fe133d047f197ba00e922b110f0e8d576fd84461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 05:22:58 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 368ms
16ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je39r0&_p=763844163&_gaz=1&cid=815154458.1696224179&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696224178&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&dt=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 05:22:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crezu.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 374ms
21ms Ping
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6PKQXGNQ6L&cid=815154458.1696224179&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 05:22:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crezu.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 364ms
17ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je39r0&_p=763844163&cid=815154458.1696224179&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696224178&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&dt=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&en=feedSubmitted&_c=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 05:22:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crezu.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 335ms
9ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1094441194305104&ev=PageView&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&rl=&if=false&ts=1696224178968&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1696224178966.554793944&ler=empty&it=1696224178743&coo=false&exp=a1&rqm=GET

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Oct 2023 05:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 335ms
10ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1094441194305104&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&rl=&if=false&ts=1696224178969&cd[positions]=9&cd[source]=co-sms-welcome-returning5d2&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1600&sh=1200&v=2.9.131&r=stable&ec=1&o=30&fbp=fb.1.1696224178966.554793944&ler=empty&it=1696224178743&coo=false&exp=a1&rqm=GET

Requested by

Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Oct 2023 05:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 380 KB
129 KB 231ms
230ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a73adb4a8b9282eb02b937beba8e600c8c5c4f09b95a829f6711e9588d7514cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131810
x-xss-protection: 0
server: cafe
etag: 18165917502637958843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 05:22:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame A558 9 KB
4 KB 337ms
9ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 19:22:01 GMT
etag: 6119613530591461916
expires: Sun, 15 Oct 2023 19:22:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
602 B 358ms
20ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=crezu.co&callback=_gfp_s_&client=ca-pub-6373705936907274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3900e7430738a95782f587fc11f5fab5099a324f1d79d169e435d021999f8458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A850 113 KB
39 KB 572ms
571ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=5732873755&adk=3816831865&adf=4183771420&pi=t.ma~as.5732873755&w=900&fwrn=4&fwrnh=100&lmt=1693286419&rafmt=1&format=900x280&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179260&bpp=3&bdt=2591&idt=354&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=3449489599742&frm=20&pv=2&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5EyxjSCx2V&p=https%3A//crezu.co&dtd=377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3049973054cd161d50be350f386e600310c655a00d9dfc3ac0468160724e6b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39719
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:23:00 GMT
expires: Mon, 02 Oct 2023 05:23:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 578B 185 KB
48 KB 1046ms
1045ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1693286419&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179277&bpp=1&bdt=2608&idt=371&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280&nras=1&correlator=3449489599742&frm=20&pv=1&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=382

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

acdd91922d83587f2ceaddb264f626726cce0eca525f8c796a920b8669fd918f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48641
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:23:00 GMT
expires: Mon, 02 Oct 2023 05:23:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9ABA 162 KB
46 KB 908ms
908ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=1573534164&lmt=1693286419&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179279&bpp=1&bdt=2609&idt=397&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280%2C0x0&nras=2&correlator=3449489599742&frm=20&pv=1&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=401

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c34c950d8d318c2aa56a682f5f13a7f612540e53c090e6a805202a15654cc325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46716
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:23:00 GMT
expires: Mon, 02 Oct 2023 05:23:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A850 4 KB
1 KB 360ms
21ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=5732873755&adk=3816831865&adf=4183771420&pi=t.ma~as.5732873755&w=900&fwrn=4&fwrnh=100&lmt=1693286419&rafmt=1&format=900x280&url=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696224179260&bpp=3&bdt=2591&idt=354&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=3449489599742&frm=20&pv=2&ga_vid=815154458.1696224179&ga_sid=1696224180&ga_hid=763844163&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078142%2C31078202%2C31078258%2C44795922%2C44801993%2C31078320%2C44803790&oid=2&pvsid=4180108639442109&tmod=1074864421&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5EyxjSCx2V&p=https%3A//crezu.co&dtd=377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Oct 2023 05:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Oct 2023 05:23:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A850 2 KB
973 B 371ms
13ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 16:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 16:48:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6443514453317359013/ Frame A850 29 KB
29 KB 374ms
20ms Image
image/jpeg 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6443514453317359013/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

571cd9873a50f3347c655ec05f6ca2fb92d13a9daf9bae3398b86807a976509c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:06:24 GMT
x-content-type-options: nosniff
age: 213396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29912
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 11:45:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 18:06:24 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13975521445603965153/ Frame A850 6 KB
6 KB 373ms
19ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13975521445603965153/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c5c83b5b2ae1d82b7f42d8ab691fce886653a4cb7347a5ce227da2cacc01ad6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 10:16:16 GMT
x-content-type-options: nosniff
age: 500804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6108
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 11:45:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Sep 2024 10:16:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame A850 23 KB
9 KB 361ms
15ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 10:18:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 10:18:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A850 3 KB
1 KB 363ms
18ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 18:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 18:28:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A850 20 KB
8 KB 356ms
11ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 10:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 10:18:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A850 182 KB
58 KB 378ms
26ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 05:23:00 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame A850 36 KB
15 KB 375ms
10ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 153 KB
52 KB 73ms
73ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/reactive_library_fy2021.js?bust=31078320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d13be08bf7e7dbae2c6ba789500c1db9fc7f2bc4660da6d80f72e36a344f1983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53257
x-xss-protection: 0
server: cafe
etag: 8603192373289363294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 05:23:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je39r0&_p=763844163&cid=815154458.1696224179&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1696224178&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9&dt=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&en=gtag_get_api_event&_et=10&up.client_id=815154458.1696224179.
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 05:23:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crezu.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A850 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: def1d78025f5e0969e14195f6b2982edb39b9e0683a57f954e59cac61462f199

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A850 16 KB
16 KB 361ms
24ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 475007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A850 15 KB
15 KB 368ms
31ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options: nosniff
age: 390762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 16:50:19 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame E15A 9 KB
4 KB 10ms
9ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 19:22:36 GMT
etag: 6119613530591461916
expires: Sun, 15 Oct 2023 19:22:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A850
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CL1Ies1MaZY6LKNjG7_UPuJSWuA_Et7OAc5rau6TkEKSIhZ4LEAEgz8OZc2DJBqABq-yvtgLIAQmpAuaFNZjAB4M-qAMByAPLBKoE4QJP0H5WU9H_aEEIe8lbd84z5zffLeRNlktqIBTTWab...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe42509e8c8a51a500000000000000000%22,%222%22:%220xa5621124ef37f3420000000000000000%22,%223%22:%220x285549...

0
0

69ms
43ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe42509e8c8a51a500000000000000000%22,%222%22:%220xa5621124ef37f3420000000000000000%22,%223%22:%220x285549dd3749bf0000000000000000%22,%224%22:%220xe5c3cdee75952e30000000000000000%22,%225%22:%220xe028ce4e24b9e0360000000000000000%22},%22debug_key%22:%2215621826217028045987%22,%22debug_reporting%22:true,%22destination%22:%22https://metroopinion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650901035%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212725643378276852737%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe42509e8c8a51a500000000000000000","2":"0xa5621124ef37f3420000000000000000","3":"0x285549dd3749bf0000000000000000","4":"0xe5c3cdee75952e30000000000000000","5":"0xe028ce4e24b9e0360000000000000000"},"debug_key":"15621826217028045987","debug_reporting":true,"destination":"https://metroopinion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650901035"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"12725643378276852737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 05:23:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Oct 2023 05:23:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe42509e8c8a51a500000000000000000","2":"0xa5621124ef37f3420000000000000000","3":"0x285549dd3749bf0000000000000000","4":"0xe5c3cdee75952e30000000000000000","5":"0xe028ce4e24b9e0360000000000000000"},"debug_key":"15621826217028045987","debug_reporting":true,"destination":"https://metroopinion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650901035"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"12725643378276852737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 396ms
64ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a152695efa3a1dd491845fbdfb416ebbf2acc05b0de39ea1bbb0a9a412720446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0

GET
H2 200 f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8757 37 KB
15 KB 9ms
8ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 467099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14693
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:02 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
45ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 05:23:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 25ms
24ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 05:23:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA94 13 KB
5 KB 15ms
10ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 12:08:02 GMT
expires: Mon, 30 Sep 2024 12:08:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 501D 829 B
1 KB 406ms
69ms Document
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

GSE /

Resource Hash

220de56c73b6988e838c0654cb16e6e600f8a195ccf53c4c0ff55e92f18a08c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_o9yEH4ffpyl-pD-3fk0UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_o9yEH4ffpyl-pD-3fk0UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:23:02 GMT
expires: Mon, 02 Oct 2023 05:23:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame FA94 37 KB
14 KB 10ms
9ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame FA94 0
40 B 8ms
8ms Image
text/plain 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2LveIg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 501D 0
0 44ms
44ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=4180108639442109&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=4180108639442109&bg=!6uml6abNAAYEJRtnJCU7ADQBe5WfOFDN5sflwU6_xEx3s-kIZYqS-CckfIYa72djyIPNvCa65usfnmZp4iFlO1rxUlcMAgAAAEVSAAAAB2gBB5kCphXxH6SY8JRsdXWVIzZIXZh1VQkujwfP3JA1dxA4mL3ytVtLKi1JmrPOCArH55shs05z0eddny6NMPIIc8irPKyZGOD1TIniaiqTmlK0ktNXE-EpPBQyWu-W_mwJal_iVHtvu89u4KbmFwybiGrIvU3kjPE7_z9fhlKWh36qrLfad44diL6VNDGz8BucPLekJpxiWchiXLffTTlV1_f1vxuPiZvbdZ-hmFunPx0gD_BEUvOGyzfjf25NXeAqSsh-O4suHuIWZV1U4gYVYv8cDabHfQIgt7m-lZuh3opEGGv19RFF_oHQOx5joqcf78LLWljbyQ-A3b7xxdnp_8CKD3cBNEb98RzI7abCCgP22XiRYyAje3J-yztvsmZJunW9ZXsuMf0OGsHcYvusqZliekon7Oa2KXAiClQHf0AkXJgAN1uIjQeRoJKc5mJhULVloZjz2K0Fh5AkMN1pCk3KNfmiCiWWSa4z7dbUg50V7Lc-8OcHIPIP-E94_mEPq-Vb_xRR0s0IOVgr1ITcLnmqqGaCWh_FnhPWl9_dBxNwp45GIjdqRMqE26nETiioNajOesP0pRPOOpLtt3rssH5hI-yKeWEIpAygD1yyZjanJWgTt7xfa-e6sT0f57usvVV-kRfcV79oBm_dduhLEDeXQqlUJu2D4XjYvkrBpfKaQJWobadmz1K_aYdb72AhWYft-op6SdK697g8NYyYyPTndnK0JwiYWyO1KG7vVAV-WvotLF6vN8EXxatXQ_lpzV7sDmvHmzaYrfgTF1Tdo7Y79uFM2NtmElM_r53wr7NG-OgsRln-KAoHYs5Z6ojx9b8fE_35UIC839gbA7fvfJ4-jmg8Gc7Yz3Zil9uv9DdBqi0DLCoi3hwiu_5Bv1ratb5ehAQbi8QnQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 done.svg
crezu.co/svg/ 235 B
393 B 243ms
243ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/svg/done.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fc52eb0bdcab53c8cdd4e4a03c6958c2c10a179d91eeb601435b1a668b20c735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:03 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:06 GMT
server: nginx
etag: W/"64ed9c26-eb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:23:03 GMT

GET
H2 200 close-green.svg
crezu.co/svg/ 235 B
386 B 243ms
243ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/svg/close-green.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 35388c215dad3ef4ce5523aea6900f5c434b4dbee600a9cf35ceea6012507fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:03 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:06 GMT
server: nginx
etag: W/"64ed9c26-eb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:23:03 GMT

GET
H2 200 polygon-push.svg
crezu.co/svg/ 308 B
436 B 243ms
243ms Image
image/svg+xml 35.201.243.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crezu.co/svg/polygon-push.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.243.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b0270cfaec64a3f0b274938da05903c44076025308fff5ed8fefe70b5771362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crezu.co/landing/offers/?sub1=85574f7e2eb649d18ba7c3aa5e9cd222&sub2=co-sms-welcome-returning5d2&sub3=sl-crm&sub4=0&sub5&sub6=65&sub7&sub8&sub9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 05:23:03 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 07:20:06 GMT
server: nginx
etag: W/"64ed9c26-134"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public
expires: Tue, 01 Oct 2024 05:23:03 GMT

GET push-image.webp
crezu.co/img/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: crezu.co
URL: https://crezu.co/img/push-image.webp

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.crezu.net/	1970-01-20 23:56:00	Name: afclick Value: 651a53af15334a0001474ae6
track.crezu.net/	1970-01-20 23:56:00	Name: afoffers Value: {"250":1696224175}
crezu.co/	1970-01-20 23:56:00	Name: i18n_redirected Value: CO
crezu.co/	1970-01-20 15:10:25	Name: landingOffersVisit Value: {"sub1":"85574f7e2eb649d18ba7c3aa5e9cd222","sub2":"co-sms-welcome-returning5d2"}
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_migrations Value: 1418474375998%3D1
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_current_add Value: fd%3D2023-10-02%2007%3A22%3A58%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_first_add Value: fd%3D2023-10-02%2007%3A22%3A58%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.crezu.co/	1970-01-20 19:29:36	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F117.0.5938.132%20Safari%2F537.36
.crezu.co/	1970-01-20 15:10:25	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D85574f7e2eb649d18ba7c3aa5e9cd222%26sub2%3Dco-sms-welcome-returning5d2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D65%26sub7%26sub8%26sub9
crezu.co/	1970-01-20 15:10:25	Name: uuidv4 Value: c98d64bc-d43b-4487-bb0b-4128b5391fd0
.crezu.co/	1970-01-20 17:20:00	Name: _gcl_au Value: 1.1.1318216566.1696224179
.crezu.co/	1970-01-21 00:46:24	Name: _ga Value: GA1.1.815154458.1696224179
.crezu.co/	1970-01-20 17:20:00	Name: _fbp Value: fb.1.1696224178966.554793944
.crezu.co/	1970-01-21 00:32:00	Name: __gads Value: ID=62033fafcb24a303-2274de6e24df0045:T=1696224179:RT=1696224179:S=ALNI_MZv0ZC19izsWNhJQBECC2saoitR1g
.crezu.co/	1970-01-21 00:32:00	Name: __gpi Value: UID=00000c8a396ca35b:T=1696224179:RT=1696224179:S=ALNI_MYJnFvOyMCNvP7Sj9X27LNEzVhuUQ
.crezu.co/	1970-01-21 00:46:24	Name: _ga_6PKQXGNQ6L Value: GS1.1.1696224178.1.0.1696224180.58.0.0
.doubleclick.net/	1970-01-21 00:46:24	Name: IDE Value: AHWqTUl5PNd_hCJNBUf9al3BkBEWMLAz_0sdLtKV98RWoNHCmSItFKhKk7JLLqjSHzs
.googleadservices.com/	1970-01-20 17:20:00	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.crezu.net
connect.facebook.net
crezu.co
cru.si
events.crezu.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
sl.crezu.co
sl.crezu.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.crezu.net
workers.crezu.net
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
crezu.co
104.21.60.93
108.177.15.155
142.250.184.200
142.250.185.162
142.250.185.174
142.250.185.65
142.250.186.138
142.250.186.162
142.250.186.66
142.250.186.99
157.240.251.35
157.240.251.9
172.217.16.130
172.217.18.2
172.217.18.3
172.217.23.100
34.77.94.206
34.90.63.227
35.201.243.240
35.201.76.189
35.240.92.105
35.241.222.91
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
16a688ce02e20635d5a86ce51ebc4bc91d51088412498a45b45100436d2c8c3d
18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16
18dc7efbbf35c8f5b68c067252948fef7a3562c01163b73cacd0202ef9a4857f
1a538319189aa95195c40dd14147a90955ee910e191413c04270d842aabe0902
220de56c73b6988e838c0654cb16e6e600f8a195ccf53c4c0ff55e92f18a08c5
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
2946918cad4885d884f2e134ba25935c5e54c3c29e7a4a831b7c96d1f82541e8
298061b6485d501a620524df1008bbd2b70668d268b144c1714795a6fe8cbd73
29923470e0a2cf223fbd782e1fc876858c9c86c1d0da27ffeec3fa44dfde6e56
2a45c21b79433a9b4d6b55022af7dee5406a06a1de25875d3e9df6a0a0ff625a
2e874605ba7234deb81c3e78a86be201d57746f632cb59a5fcac8aec4033f3ef
3049973054cd161d50be350f386e600310c655a00d9dfc3ac0468160724e6b6b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005
35388c215dad3ef4ce5523aea6900f5c434b4dbee600a9cf35ceea6012507fa3
3764419f41844eb644d48b3445f3a81370088a4dbeced4314af67a84c404cc75
3900e7430738a95782f587fc11f5fab5099a324f1d79d169e435d021999f8458
39a3faa318d7f32986693e35e5e36b5b5904189a7e41d4ec6e4cfd2059e26c3c
3aa9db77c3faef7b08a5973b028736291dd75e782def0d4186513d6d7361e9b6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e20cf94885ec9fde4b91cfbb735ec0fbd84a9bf25a9eefa1d6ae6570ca737d2
3e6375eb224adafea4e71b197cfe5408a0b0d8b26f6f68649b0fe69977e48166
40f9822c8aa42d2c8a21edff1ff8f3f47e3c609819930c2d600dc6a9a68f3449
448ee7b893d252c24c3a8202f352729d3ef9673706b09c781b6d2ad0bb2f9dce
495038404ebdc4f45b1611643205b038f26238781b06a804ae5a460d3124ce76
4ad37591caad98e38034f270e41ff344450e7c504f6330a8ea29b90b1ee8250a
4c43990b8d646a9f0d861e3a38a26793f38ed3f60ae6e0781e07392d35581df7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56de204768600e666186737da41e893c7d3aacaea1c39fd80465f44392714d4a
571cd9873a50f3347c655ec05f6ca2fb92d13a9daf9bae3398b86807a976509c
5b0270cfaec64a3f0b274938da05903c44076025308fff5ed8fefe70b5771362
61468f8f9d7a457b03dbef98d6f51ba7da537e73d567ececcb959252ccea7b52
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6eb40ce5abb2c8d309e59854fffaf57b87ee2a4a3e5bfd5d5a1919498e8c8067
70e4f06afb616e6a1f73c494f05d0c4615729cdc4570efd6c41f6eef607425e3
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
78d51eb7ffd10c4fbc0925d82deb6a2e5380a365723dd0dba6b8aee83d740201
7b5795481ec5bafcc6dda4c3733dd67cd3e0de518f3a8b88b0ed4773540af566
7e684ccfb7c1831eac79cf74a9a5b296cd3f6f69cf7c5e39a9e2de4d9a49ad25
7e7da03dcb705259d9e3140bcca74fd52572666e3fd4ef9cd4882071962453fa
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
850fab2afc7a8fb851cfb9e7b710c087b8004caf3f6b132ce0aec5185bf7a5b8
8e2db6817343453d09b11709dc52332a605a51f24b22eed7673233ea8c7c90e8
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
906dc44f440b886d8a4395dc6c7b40f7f3aa0a9e216a5cf84bb3a258be04bb0c
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
a152695efa3a1dd491845fbdfb416ebbf2acc05b0de39ea1bbb0a9a412720446
a73adb4a8b9282eb02b937beba8e600c8c5c4f09b95a829f6711e9588d7514cc
a7ef29d3fc71e75ad570a2faaa78d65cf17d29c8bffc019145d1d9599e01265d
acdd91922d83587f2ceaddb264f626726cce0eca525f8c796a920b8669fd918f
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
ad3475c7f4d70164e0c35e41f5e0af761328897f7a9f374759623ee496dbd65d
ad8b9da1df9f3fad52543590d6fa507d65b87ed6361266698fe671d565a61bee
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b08ee3a8015b3308f8be3f7ccebc5a6df74efbc11ae4a242614ec65e11a17a97
b39d354e33d0f0291d80a99bf27457ed8171759813d524e5bc3fe26d3152c5b2
b87ce3ad9bcd1db6926077e2fe133d047f197ba00e922b110f0e8d576fd84461
b8da67821e588e3ee5516083d99f1d9907c23a24fcb52dfb3c57cd38924dcef7
ba95cea0a3170d231a5d438b5089087b61dfbe09d8daa9140d2dcd14a6f5f922
baacb9354c9828095b1bd82134fa9874ce379139d276b424695a136ce085b9a3
be4fe1eb14331ddfa357dee65ac3e9d82400e3b185b05e3f09dbf2f9019b6a12
c34c950d8d318c2aa56a682f5f13a7f612540e53c090e6a805202a15654cc325
c3c34de642bb96fa96f4bdc2406ddd5fed47f1e4ffa5a73d8eb0d53092483b6a
c5c83b5b2ae1d82b7f42d8ab691fce886653a4cb7347a5ce227da2cacc01ad6d
c85b00c781c8067679b3b36492384671e921acb2f912bae134e3744dcdd06220
d0b8a0387614fa2bc4041cc1415388e91bd1c645231e778dfb7bc7d2475ad638
d13be08bf7e7dbae2c6ba789500c1db9fc7f2bc4660da6d80f72e36a344f1983
d21402f293010583d285f7244295551849ebee3de56c5286be72c294a4984eaf
de0b87194f8d482fa3de096066b21a6f4d9b506ca8ff4fd5a8bede856b554e35
def1d78025f5e0969e14195f6b2982edb39b9e0683a57f954e59cac61462f199
e255273ab58ef2026608b575f0c3a90c4b6ed5b47efeac22b2036c03c0aaf31b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a61b2cbc6d6b3b3ed8b50bcd8f6a89f8f5b69460e03f47defe0554c3220d2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc52eb0bdcab53c8cdd4e4a03c6958c2c10a179d91eeb601435b1a668b20c735
ff93bde29a517354bff84cdb622cd420f370026d74babb9a61a04f0d4b796d76

crezu.co Open in urlscan Pro 35.201.243.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

98 %HTTPS

0 %IPv6

13 Domains

23 Subdomains

21 IPs

6 Countries

2062 kBTransfer

4697 kBSize

20 Cookies

20 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crezu.co Open in urlscan Pro
35.201.243.240 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

23
Subdomains

21
IPs

6
Countries

2062 kB
Transfer

4697 kB
Size

20
Cookies

91 HTTP transactions
2 data transactions