urlscan.io logo urlscan.io
SecurityTrails logo

crezu.co Open in urlscan Pro
35.201.243.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cru.si/Gm98V
Effective URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm...
Submission: On July 07 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 75 HTTP transactions. The main IP is 35.201.243.240, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is crezu.co.
TLS certificate: Issued by R11 on June 12th 2024. Valid for: 3 months.
This is the only time crezu.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.195.127 13335 (CLOUDFLAR...)
1 2 35.241.222.91 396982 (GOOGLE-CL...)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
15 35.201.243.240 396982 (GOOGLE-CL...)
16 35.201.76.189 396982 (GOOGLE-CL...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 34.77.94.206 396982 (GOOGLE-CL...)
2 216.58.206.66 15169 (GOOGLE)
7 95.211.66.35 60781 (LEASEWEB-...)
2 35.240.92.105 396982 (GOOGLE-CL...)
1 3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.46 15169 (GOOGLE)
75 18
1    172.67.195.127 (United States)

ASN13335 (CLOUDFLARENET, US)
cru.si
2    35.241.222.91 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.222.241.35.bc.googleusercontent.com
sl.crezu.net
1    34.90.46.36 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com
track.crezu.net
15    35.201.243.240 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.243.201.35.bc.googleusercontent.com
crezu.co
16    35.201.76.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.76.201.35.bc.googleusercontent.com
cdn.crezu.net
11    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.77.94.206 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.94.77.34.bc.googleusercontent.com
workers.crezu.net
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
pagead2.googlesyndication.com
7    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
s.clickiocdn.com
up.clickiocdn.com
2    35.240.92.105 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.92.240.35.bc.googleusercontent.com
events.crezu.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
22 crezu.net
sl.crezu.net
track.crezu.net
cdn.crezu.net — Cisco Umbrella Rank: 803698
workers.crezu.net — Cisco Umbrella Rank: 967116
events.crezu.net — Cisco Umbrella Rank: 864823
198 KB
15 crezu.co
crezu.co
443 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
13 KB
7 clickiocdn.com
s.clickiocdn.com — Cisco Umbrella Rank: 43002
up.clickiocdn.com — Cisco Umbrella Rank: 44898
213 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2408
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 686
130 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
5 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 251
177 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 152
196 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
80 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
199 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7165
63 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1793
1 cru.si
cru.si
630 B
75 14
Domain Requested by
16 cdn.crezu.net crezu.co
cdn.crezu.net
15 crezu.co crezu.co
11 fonts.googleapis.com cdn.crezu.net
6 up.clickiocdn.com s.clickiocdn.com
4 www.facebook.com crezu.co
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com crezu.co
2 securepubads.g.doubleclick.net s.clickiocdn.com
securepubads.g.doubleclick.net
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 events.crezu.net cdn.crezu.net
2 pagead2.googlesyndication.com www.googletagmanager.com
pagead2.googlesyndication.com
2 connect.facebook.net cdn.crezu.net
connect.facebook.net
2 www.googletagmanager.com cdn.crezu.net
www.googletagmanager.com
2 sl.crezu.net 1 redirects cdn.crezu.net
1 www.google.de crezu.co
1 region1.google-analytics.com crezu.co
1 stats.g.doubleclick.net www.googletagmanager.com
1 s.clickiocdn.com www.googletagmanager.com
1 workers.crezu.net cdn.crezu.net
1 track.crezu.net 1 redirects
1 cru.si 1 redirects
75 21
Subject Issuer Validity Valid
crezu.co
R11		 2024-06-12 -
2024-09-10		 3 months crt.sh
cdn.crezu.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-27 -
2024-12-04		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-16 -
2024-07-15		 3 months crt.sh
workers.crezu.net
R10		 2024-06-14 -
2024-09-12		 3 months crt.sh
sl.crezu.net
R11		 2024-06-27 -
2024-09-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
s.clickiocdn.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
events.crezu.net
R10		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.clickiocdn.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Frame ID: 3D32103EC95F3740AD8E6318CB2EEFFA
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tus ofertas personales de préstamos en Crezu.co

Page URL History Show full URLs

  1. http://cru.si/Gm98V HTTP 307
    https://cru.si/Gm98V HTTP 302
    https://sl.crezu.net/crm?lead_id=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&... HTTP 302
    https://track.crezu.net/click?offer_id=250&sub1=449df2520c5049dca9804a849ed667ce&pid=2&sub2=mx-sms-w... HTTP 302
    https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

75
Requests

99 %
HTTPS

40 %
IPv6

14
Domains

21
Subdomains

18
IPs

5
Countries

1823 kB
Transfer

5215 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cru.si/Gm98V HTTP 307
    https://cru.si/Gm98V HTTP 302
    https://sl.crezu.net/crm?lead_id=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&landing=offers HTTP 302
    https://track.crezu.net/click?offer_id=250&sub1=449df2520c5049dca9804a849ed667ce&pid=2&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub6=10&sub4=0 HTTP 302
    https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je4730v9102078838z8812742593za200zb812742593&_p=1720391703297&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1861972116.1720391704&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720391703&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9&dt=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&en=feedSubmitted&_c=1&_et=2&tfd=2788&_z=fetch HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1861972116.1720391704&dbk=2380347486038635602&dma=1&dma_cps=sypham&en=feedSubmitted&gtm=45je4730v9102078838z8812742593za200zb812742593&npa=1&tid=G-6PKQXGNQ6L&dl=https%3A%2F%2Fcrezu.co%3F

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
crezu.co/landing/offers/
Redirect Chain
  • http://cru.si/Gm98V
  • https://cru.si/Gm98V
  • https://sl.crezu.net/crm?lead_id=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&landing=offers
  • https://track.crezu.net/click?offer_id=250&sub1=449df2520c5049dca9804a849ed667ce&pid=2&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub6=10&sub4=0
  • https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
47 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
92e2bbe1916bbbebf7f98ed74817d02f571744e0f78658bdeedcb60cea31013b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 07 Jul 2024 22:35:01 GMT
etag
W/"66057318-bc6b"
expires
Sun, 07 Jul 2024 22:35:00 GMT
last-modified
Thu, 28 Mar 2024 13:39:36 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sun, 07 Jul 2024 22:35:01 GMT
location
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
server
nginx
x-adjust-use-original-forwarded-for
1
8fa03d5.modern.js
crezu.co/_nuxt/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/8fa03d5.modern.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cec96507a10dec531a8e7d9f0dbb0487803f70ed936a21cca248f4904eb8f233

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-188a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
app.14.1133332881d4fae741f4.js
crezu.co/_nuxt/commons/ 		244 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/commons/app.14.1133332881d4fae741f4.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
113fd08a3eeb8380ed202b4daa6d718c0bbe20dc142f6c44b1a5875137e2bdf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-3ce33"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
app.44.80818d358d3a0d43d390.js
crezu.co/_nuxt/vendors/ 		218 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/vendors/app.44.80818d358d3a0d43d390.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
34029ea1f503d58569747a868beafc921e16e63c3a471b5e64b3b27e63fbae82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-3686f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
app.13.39fb4990e70625c6f143.js
crezu.co/_nuxt/ 		145 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/app.13.39fb4990e70625c6f143.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c2e32670e6899b0899b4043f26d83f47be0f742984fcf20ac5a1d2e30a811668

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-243d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
offers.23.036407d9072ed1f3bb2c.js
crezu.co/_nuxt/pages/landing/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/pages/landing/offers.23.036407d9072ed1f3bb2c.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fabf53662815fc23f5049b05af5bd62ecf8ea160e559c20c855ea5ec2e9e2545

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-aa5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
76.76.f4beef38cefcc6d7c5c7.js
crezu.co/_nuxt/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/76.76.f4beef38cefcc6d7c5c7.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
95b713a5b39d1a830b8aed33df8e1182d934f483ace6a99321e39c2a28c9985a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-a5db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
state.js
crezu.co/_nuxt/static/1711633171/landing/offers/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/static/1711633171/landing/offers/state.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1ae0cac8b98ba591e3bcea3831da2502f28b4786ccfd4f0f15adc11d1920f33a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:36 GMT
server
nginx
etag
W/"66057318-f80"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
payload.js
crezu.co/_nuxt/static/1711633171/landing/offers/ 		80 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/static/1711633171/landing/offers/payload.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a7ef29d3fc71e75ad570a2faaa78d65cf17d29c8bffc019145d1d9599e01265d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:36 GMT
server
nginx
etag
W/"66057318-50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
manifest.js
crezu.co/_nuxt/static/1711633171/ 		547 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/static/1711633171/manifest.js
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a396ad25212fafa84dda5f1b43bf28bd1eec26af6c1655f3325ca123de01553b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:36 GMT
server
nginx
etag
W/"66057318-223"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
trafficback.6.cfa1b7b320db9c32ee76.js
crezu.co/_nuxt/pages/landing/offers/pages/landing/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/pages/landing/offers/pages/landing/trafficback.6.cfa1b7b320db9c32ee76.js
Requested by
Host: crezu.co
URL: https://crezu.co/_nuxt/8fa03d5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
97dc9f32f48db94b04fae1c248ca7272e4dac3e70b2ed5f4be3fae96517e7229

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-814f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:02 GMT
style.css
cdn.crezu.net/offers/dist/ 		150 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.crezu.net/offers/dist/style.css
Requested by
Host: crezu.co
URL: https://crezu.co/_nuxt/pages/landing/offers/pages/landing/trafficback.6.cfa1b7b320db9c32ee76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47b9756cbd7905fd47884f5826711c78c9b2aa4af28bd4112bbc3178381e9bdc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 06:56:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 03 Jul 2024 16:33:10 GMT
server
nginx/1.14.0 (Ubuntu)
age
56297
etag
W/"66857d46-25849"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19448
expires
Sun, 14 Jul 2024 06:56:46 GMT
offers.iife.js
cdn.crezu.net/offers/dist/ 		263 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.crezu.net/offers/dist/offers.iife.js
Requested by
Host: crezu.co
URL: https://crezu.co/_nuxt/pages/landing/offers/pages/landing/trafficback.6.cfa1b7b320db9c32ee76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eb049667ff6de4b3e87f1fcc6c0e862bdb94c1d76f59f19f2017d2b63dd17b09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 06:55:49 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sun, 07 Jul 2024 06:51:15 GMT
server
nginx/1.14.0 (Ubuntu)
age
56354
etag
W/"668a3ae3-41b09"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83546
expires
Sun, 14 Jul 2024 06:55:49 GMT
74.74.b11a4ff1a95277878d6f.js
crezu.co/_nuxt/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crezu.co/_nuxt/74.74.b11a4ff1a95277878d6f.js
Requested by
Host: crezu.co
URL: https://crezu.co/_nuxt/8fa03d5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dfb53632e77e80d8978b888dc374925ef7448628f507ca7dad75724b01028f39

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-316f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:03 GMT
common.js
cdn.crezu.net/common/dist/ 		206 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.crezu.net/common/dist/common.js?ver=1
Requested by
Host: crezu.co
URL: https://crezu.co/_nuxt/vendors/app.44.80818d358d3a0d43d390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
df3441e4b7d86d84098fa9e2e6b12700308df977d1e5a323eebfdf8c53ce12c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 06:55:39 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 05 Jun 2024 12:24:49 GMT
server
nginx/1.14.0 (Ubuntu)
age
56364
etag
W/"66605911-33615"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64037
expires
Sun, 14 Jul 2024 06:55:39 GMT
css2
fonts.googleapis.com/ 		6 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@600;700;800&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
412238f13c146aa1cf896a5c4ff3ded3b36557304159c7c0fbde0c4223fa3a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		3 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@600;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e9f4a07773d7565c8ddb3a06a6b6053ef0e55a9787bc760ca55ff4a3facf16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		3 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@500;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db29a6ee4ab550b07b1dc5985f4bd04443d670421069ab6ba8d82e2b6e723ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:46:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		7 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;600;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b2dff9f012f6e3ea179f9d8eb13971a5e6b047320fd1cc82f0d7c39c80b5c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		7 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@500;600;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a78993e0a66057d523122f4fcecbb681c566e5281ef2897a3d9939498705566e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:08:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		3 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf0042bfd4ea33fcc68e1a1a1524bc81a3ff8f5f485ef7f75e24b8f5781cdc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		2 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
795e9296127f8af8539628cdeb99fa3914e14723b66ae6406e47f694b35b8c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:18:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		1 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Golos+Text:wght@500&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78411d780b71236e4aa7279351b4928101c30d8046252bc4d47c230b751fe9a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		4 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Overpass:wght@500;700&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c5765d6e2e88d3c7fafa9ceaa8a7625cc57fb5439a8588fc88182606aebd090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
css2
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Jost:wght@400;500;600&display=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3bfb6b13177d20562f631e4706922f315cbcee77cf14007acfaafd972dc9d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:21:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
gtm.js
www.googletagmanager.com/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d37e384f67828f7c4a81baf644db2a01e75abcae84b3c3f07e50a320ea9ee08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95379
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jul 2024 22:35:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 22:35:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
4LLlcG9f5VeEzE7DdREpzw4SwcW5sE2q3I40RYN5ELq1GKLrQyadHsyrYYZ5T8Jk53q3/OcI4uE3OjjaKTzKRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
workers.crezu.net/geoip/ 		74 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://workers.crezu.net/geoip/
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.77.94.206 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.94.77.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
571ed023479fe949f6ae02c7d968d6ed8f56a47a6a69924c3224ce7cb6e36d8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 22:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length
74
sl-feed
sl.crezu.net/ 		47 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sl.crezu.net/sl-feed?lead_id=449df2520c5049dca9804a849ed667ce&page=landing-offers&direction=swap
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.241.222.91 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
91.222.241.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bfbd21cbaa8f08778b0258014c39580b1642f725a3817237a6f7f2bd925b84eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 22:35:03 GMT
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length
47
1094441194305104
connect.facebook.net/signals/config/ 		101 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1094441194305104?v=2.9.160&r=stable&domain=crezu.co&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be9e8b9da82aeba33d69082e5cff466defef2519a2ddb42f35e95602b34da1bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jul 2024 22:35:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=64, mss=1297, tbw=63829, tp=-1, tpl=-1, uplat=350, ullat=0
pragma
public
x-fb-debug
EZBZmomTwQKcLzNz43ikNSmtuYcqlcTTyebr+bWBeSHC78OJ1aMjJSgnZxmjJWDZCL2em6mNasBgKPRboqvl0g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
co_feed.json
cdn.crezu.net/offers_data/configs/ 		52 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.crezu.net/offers_data/configs/co_feed.json
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
52cac7af4a964ce7e5233c4877496d933a13cb01ccfb9a912968b0ce2bf9da38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 04 Jul 2024 18:50:24 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6686eef0-cf28"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.googletagmanager.com/gtag/ 		318 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14aa535cd0e09c90fa57d980795fe26f1c51e6b2ff6cc35602215c3752bb9cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107516
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jul 2024 22:35:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
340a8da2eb5ff096a98629ba58a12e2410d3e02de9cd28f0e9aee200616c6b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53449
x-xss-protection
0
server
cafe
etag
2119623767712329717
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 07 Jul 2024 22:35:03 GMT
360_light.js
s.clickiocdn.com/t/230045/ 		554 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/230045/360_light.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2L3S7P
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ed91f48e55c5074e1e2579f9bc425876fb6c1a55288a6a1c25870db90aa8eddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
server
nginx/1.20.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
iseu
eu
cache-control
max-age=60
expires
Sun, 07 Jul 2024 22:36:03 GMT
event
events.crezu.net/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.crezu.net/api/event
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.92.240.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://crezu.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sun, 07 Jul 2024 22:35:03 GMT
Server
nginx/1.18.0 (Ubuntu)
event
events.crezu.net/api/ 		0
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.crezu.net/api/event
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.92.240.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Jul 2024 22:35:03 GMT
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
Rayo.co-icon_20240416140752.svg
cdn.crezu.net/offers_data/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/Rayo.co-icon_20240416140752.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
becbc360fea8ef973bb32aa2a160d8c64ed6cb5063977a753b1978260d54f48a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 16 Apr 2024 14:07:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"661e8639-40a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1034
expires
Sun, 14 Jul 2024 22:35:03 GMT
av-villas-logo_1.svg
cdn.crezu.net/offers_data/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/av-villas-logo_1.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
573296ed09fbf0460be6a537377ed7496a46b1db9866dca98e4193f8fadb4497

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 05 Sep 2023 13:15:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64f729fc-28c6"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10438
expires
Sun, 14 Jul 2024 22:35:03 GMT
Yadinero-icon_20240416140610.svg
cdn.crezu.net/offers_data/images/ 		470 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/Yadinero-icon_20240416140610.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
41d7e51c56b85860203a48a9a6520ab76f7e31b17234f13e246bc7cd6638da24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 16 Apr 2024 14:06:11 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"661e85d3-1d6"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
expires
Sun, 14 Jul 2024 22:35:03 GMT
DonLucash-icon_20240416141018.svg
cdn.crezu.net/offers_data/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/DonLucash-icon_20240416141018.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f6bea67163ff3b8cd138a3f036050cab807709d88b22cb45f0467c99217bab97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 16 Apr 2024 14:10:19 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"661e86cb-66e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1646
expires
Sun, 14 Jul 2024 22:35:03 GMT
Credy-icon_202405031303321_20240531101334.svg
cdn.crezu.net/offers_data/images/ 		785 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/Credy-icon_202405031303321_20240531101334.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c4f2c1c0b7a65aa1941a12c6659554c6c795c4e04d858559aecab497bda0ffd9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Fri, 31 May 2024 10:13:35 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"6659a2cf-311"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
785
expires
Sun, 14 Jul 2024 22:35:03 GMT
DoctorPeso-icon_20240416140800.svg
cdn.crezu.net/offers_data/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/DoctorPeso-icon_20240416140800.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c7ecf5bdab9a0bf138e0d6b416f1096d52a32fb31b398f7d208e07ee306aefb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 16 Apr 2024 14:08:01 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"661e8641-5ef"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1519
expires
Sun, 14 Jul 2024 22:35:03 GMT
Wadana-icon_20240416140713.svg
cdn.crezu.net/offers_data/images/ 		789 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/Wadana-icon_20240416140713.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
91026b89d5de375a872deb6ba9f600d2936ed20d386ed5c0057faf9ce1c2bb7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 21:14:03 GMT
via
1.1 google
last-modified
Tue, 16 Apr 2024 14:07:14 GMT
server
nginx/1.14.0 (Ubuntu)
age
4860
etag
"661e8612-315"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
789
expires
Sun, 14 Jul 2024 21:14:03 GMT
anticipo-icon_20240624114418.svg
cdn.crezu.net/offers_data/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers_data/images/anticipo-icon_20240624114418.svg
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8da9f9b4db8b3fa334f01447a4ec6d48f74ce0d177edeecdfb19cf01cab81dc4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Mon, 24 Jun 2024 11:44:19 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"66795c13-419"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
expires
Sun, 14 Jul 2024 22:35:03 GMT
d5-icon-badge1.webp
cdn.crezu.net/offers/src/assets/img/designs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers/src/assets/img/designs/d5-icon-badge1.webp
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
86e66d26f90dda8f96a37ca48d6ee3f42f2cb78cdf187a316b2a9b46a61dd346

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 10 Oct 2023 11:00:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65252edf-412"
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1042
d5-icon-counter.webp
cdn.crezu.net/offers/src/assets/img/designs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers/src/assets/img/designs/d5-icon-counter.webp
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bfc7a1da5c2714823dee19b0fd62f3f693842f77605e4db715378399c7efe0ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 10 Oct 2023 11:00:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65252edf-dc8"
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3528
d5-icon-badge2.webp
cdn.crezu.net/offers/src/assets/img/designs/ 		724 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers/src/assets/img/designs/d5-icon-badge2.webp
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6ee7daaefe466454ccb3c20a7840ac8dcda7e9b85e08622e43d60f37975ab5ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 10 Oct 2023 11:00:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65252edf-2d4"
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
724
d5-icon-badge3.webp
cdn.crezu.net/offers/src/assets/img/designs/ 		920 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.crezu.net/offers/src/assets/img/designs/d5-icon-badge3.webp
Requested by
Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.76.201.35.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fbc0b494d27e5eba4ada41f333549bc92f621e6cda76586416a0fcb1ec802900

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.crezu.net/offers/dist/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
via
1.1 google
last-modified
Tue, 10 Oct 2023 11:00:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65252edf-398"
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
920
offers-hero-bg-pc.7788bab.webp
crezu.co/_nuxt/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crezu.co/_nuxt/img/offers-hero-bg-pc.7788bab.webp
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
680d93c88ad7d4496cba8aaf054c82c32292a2381d09f5f5bcc311f66a338c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2024 13:39:32 GMT
server
nginx
etag
W/"66057314-bad8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Mon, 07 Jul 2025 22:35:03 GMT
financial-services.webp
crezu.co/img/ 		171 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crezu.co/img/financial-services.webp
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ad3475c7f4d70164e0c35e41f5e0af761328897f7a9f374759623ee496dbd65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5=&sub6=10&sub7=&sub8=&sub9=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2024 13:39:31 GMT
server
nginx
etag
W/"66057313-2acf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Mon, 07 Jul 2025 22:35:03 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=crezu.co&aplac=true&bust=31085085
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
51f5137764d05d9d9f27a561d18fedf0f7f62655ca8f6e89979a64c8bae43c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146735
x-xss-protection
0
server
cafe
etag
11847641689210291197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jul 2024 22:35:03 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je4730v9102078838z8812742593za200zb812742593&_p=1720391703297&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1861972116.1720391704&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720391703&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9&dt=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2785&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 22:35:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crezu.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6PKQXGNQ6L&cid=1861972116.1720391704&gtm=45je4730v9102078838z8812742593za200zb812742593&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PKQXGNQ6L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 22:35:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crezu.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6PKQXGNQ6L&gtm=45je4730v9102078838z8812742593za200zb812742593&_p=1720391703297&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=18619...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1861972116.1720391704&dbk=2380347486038635602&dma=1&dma_cps=sypham&en=feedSubmitted&gtm=45je4730v9102078838z8812742...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1861972116.1720391704&dbk=2380347486038635602&dma=1&dma_cps=sypham&en=feedSubmitted&gtm=45je4730v9102078838z8812742593za200zb812742593&npa=1&tid=G-6PKQXGNQ6L&dl=https%3A%2F%2Fcrezu.co%3F
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xee32595921f3f250","source_keys":["1"]},{"key_piece":"0xaef15cc42a1af58d","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"2380347486038635602","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["528015211"],"5":["07-07","07-06","07-05"]}}
date
Sun, 07 Jul 2024 22:35:03 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jul 2024 22:35:03 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1861972116.1720391704&dbk=2380347486038635602&dma=1&dma_cps=sypham&en=feedSubmitted&gtm=45je4730v9102078838z8812742593za200zb812742593&npa=1&tid=G-6PKQXGNQ6L&dl=https%3A%2F%2Fcrezu.co%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6PKQXGNQ6L&cid=1861972116.1720391704&gtm=45je4730v9102078838z8812742593za200zb812742593&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=400375435
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 22:35:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
97647db9d93ccfbf11aa203efe27970a765b194fd7e3ea471a0c16bdd81efd97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31784
x-xss-protection
0
server
cafe
etag
619 / 19911 / m202407020101 / config-hash: 10288659473878011519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jul 2024 22:35:03 GMT
/
up.clickiocdn.com/hbadx/ 		46 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_ex9ygdob68xl6do3&rt=170358045&site_id=230045&title=Tus%20ofertas%20personales%20de%20pr%C3%A9stamos%20en%20Crezu.co&l=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
9114c9e72dcc0a0ae389b8726e48398805876c2004493c4b40ba2b65064108b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:03 GMT
cache-control
no-cache
content-encoding
gzip
iseu
eu
server
nginx/1.20.1
content-type
application/x-javascript; charset=utf-8
/
up.clickiocdn.com/clickiotag_log/ 		83 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=0&ses_id=98xgtg0crkd3zfz170357597&area_id=705385&type=base&f=__lxG__.tmp.rot_vwmmwvtd0gkt0db6&rt=170358611
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
417b3b97c7ed473e6acc366b59732c163aa72cb607b268a0f52bee42a0cf9ecc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:03 GMT
cache-control
no-cache
content-encoding
gzip
iseu
eu
server
nginx/1.20.1
content-type
application/x-javascript; charset=utf-8
/
up.clickiocdn.com/clickiotag_log/ 		83 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=1&ses_id=98xgtg0crkd3zfz170357597&area_id=707660&type=dfp&f=__lxG__.tmp.rot_vwmmwvtd0gkt0db6&rt=170358607
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
d73c593b6ec4c7acd8f215c99596131f72563365acff92a56030617e2df42b35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:03 GMT
cache-control
no-cache
content-encoding
gzip
iseu
eu
server
nginx/1.20.1
content-type
application/x-javascript; charset=utf-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 		467 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 12:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
35498
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148860
x-xss-protection
0
server
cafe
etag
3071004405367439963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 07 Jul 2025 12:43:25 GMT
ca-pub-6373705936907274
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6373705936907274?href=https%3A%2F%2Fcrezu.co%2Flanding%2Foffers&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=crezu.co&aplac=true&bust=31085085
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c0d9b7cc5a9606713b45c417a6d4e64af28f676e800ed6c0485847a8199e11a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ymg4RizevTIqPzIUQNYUEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ymg4RizevTIqPzIUQNYUEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhmL5hzRY2gQtnPzYxK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsY6hmYxxcYAAD0lznn"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1094441194305104&ev=PageView&dl=https%3A%2F%2Fcrezu.co&rl=&if=false&ts=1720391703755&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720391703754.31949112403791309&pm=1&hrl=728854&ler=empty&cdl=API_unavailable&it=1720391703364&coo=false&cs_cc=1&cas=7810658012315004%2C8282816528414874%2C7661662460554331%2C8081787731853282%2C25919337031014155%2C7943914905672909%2C7692410454174053%2C26422400584025851%2C7214378968664036%2C25454830624132030%2C7484918531624594%2C7570727389710193%2C7314154942027183%2C8038290612870361%2C7327916017327523%2C7861500880549915%2C8165228846841271%2C7569780309749595%2C6648565451912694%2C8096983470316271%2C25276339902010377%2C8153829864645508%2C7490844100939018%2C7420689261353759%2C7749838811701734%2C7595499400472254%2C7495936953830675%2C25310286351950549%2C25444258515187595%2C7334666433255969%2C7628657737215923%2C8345293348830485%2C7366102466776563%2C7773880642630281%2C7475131082579557%2C7746297202076058%2C8257667460926263%2C7774018995966266%2C7452698438157363%2C6874455692594486%2C3977903438969885%2C5283925088314314%2C3908545219208375%2C5768870616461321%2C3925232114155101%2C3535800326498631&rqm=GET
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jul 2024 22:35:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1094441194305104&ev=PageView&dl=https%3A%2F%2Fcrezu.co&rl=&if=false&ts=1720391703755&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720391703754.31949112403791309&pm=1&hrl=728854&ler=empty&cdl=API_unavailable&it=1720391703364&coo=false&cs_cc=1&cas=7810658012315004%2C8282816528414874%2C7661662460554331%2C8081787731853282%2C25919337031014155%2C7943914905672909%2C7692410454174053%2C26422400584025851%2C7214378968664036%2C25454830624132030%2C7484918531624594%2C7570727389710193%2C7314154942027183%2C8038290612870361%2C7327916017327523%2C7861500880549915%2C8165228846841271%2C7569780309749595%2C6648565451912694%2C8096983470316271%2C25276339902010377%2C8153829864645508%2C7490844100939018%2C7420689261353759%2C7749838811701734%2C7595499400472254%2C7495936953830675%2C25310286351950549%2C25444258515187595%2C7334666433255969%2C7628657737215923%2C8345293348830485%2C7366102466776563%2C7773880642630281%2C7475131082579557%2C7746297202076058%2C8257667460926263%2C7774018995966266%2C7452698438157363%2C6874455692594486%2C3977903438969885%2C5283925088314314%2C3908545219208375%2C5768870616461321%2C3925232114155101%2C3535800326498631&rqm=FGET
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x705fae683ffb2bba","source_keys":["1","2"]},{"key_piece":"0x15ca3694b6e2ac17","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 07 Jul 2024 22:35:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389026101866559808", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=17, mss=1297, tbw=3301, tp=-1, tpl=-1, uplat=173, ullat=0
pragma
no-cache
x-fb-debug
71IwiPSr68KTrslzomDKGliB9s9HaFPMPpeDhBLSLPFvn3WzhI4ShtY4uGU+lIAtCwTpI0Cll5mk+HeHd4KFAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389026101866559808"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1094441194305104&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.co&rl=&if=false&ts=1720391703757&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4124&fbp=fb.1.1720391703754.31949112403791309&pm=1&hrl=75f5d2&ler=empty&cdl=API_unavailable&it=1720391703364&coo=false&cs_cc=1&cas=6874455692594486%2C3977903438969885%2C3908545219208375%2C5768870616461321%2C3925232114155101%2C3535800326498631&rqm=GET
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=2858, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jul 2024 22:35:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1094441194305104&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.co&rl=&if=false&ts=1720391703757&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4124&fbp=fb.1.1720391703754.31949112403791309&pm=1&hrl=75f5d2&ler=empty&cdl=API_unavailable&it=1720391703364&coo=false&cs_cc=1&cas=6874455692594486%2C3977903438969885%2C3908545219208375%2C5768870616461321%2C3925232114155101%2C3535800326498631&rqm=FGET
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x257beeacc0e4daa1","source_keys":["1","2"]},{"key_piece":"0x142070ae66f7128e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 07 Jul 2024 22:35:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389026101354651275", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=17, mss=1297, tbw=3301, tp=-1, tpl=-1, uplat=173, ullat=0
pragma
no-cache
x-fb-debug
9H+hzfsVY6ovRSa0cEnFI2HdXM9fy4sIUcIIQ1ruDNWdN8gtKpTp2bktswaEpEbk4kOSTWsNiBe+qBnYH9sp6A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389026101354651275"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
AGSKWxWl886rbN08Xon7VBdq-KCo7AM6IXx5DeJN19Kttjym85Nd3N0eynEwJA9qbuRDyKiP0CZ93Gly0S6YgNUY5vTmlQvkeH-pkswmmIzN2rYGBW2OulvOGPReNUP-m10GPwwq-UDlag==
fundingchoicesmessages.google.com/f/ 		414 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWl886rbN08Xon7VBdq-KCo7AM6IXx5DeJN19Kttjym85Nd3N0eynEwJA9qbuRDyKiP0CZ93Gly0S6YgNUY5vTmlQvkeH-pkswmmIzN2rYGBW2OulvOGPReNUP-m10GPwwq-UDlag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMzkxNzAzLDg2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jcmV6dS5jby9sYW5kaW5nL29mZmVycy8iLG51bGwsW1s4LCJLcHdXOEJUNXhDSSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyrnTC3hXUIb3fvi6z2pjrkFxZp4Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73159deb9408bfa9cbddc3cb52fafa0e27ef39194188ca12113fddf75b7ca9ef
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X2cGp52LMNamXj3bwGu5kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X2cGp52LMNamXj3bwGu5kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhmL5hzRY2gQ1_Wo8zK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsY6hmYxxcYAADvATnN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyEaRdbKr0jWeawhCGDFz9sw2N29g/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26b9e3e98b9415b99775a736fa1a3af32402746c2bf7746411bea496c44e4b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jul 2024 22:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jul 2024 22:35:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jul 2024 22:35:04 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:09:26 GMT
x-content-type-options
nosniff
age
260738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 22:09:26 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: crezu.co
URL: https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/
Origin
https://crezu.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 18:40:54 GMT
x-content-type-options
nosniff
age
273250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 18:40:54 GMT
AGSKWxXKasDIDDrre-W2aX_wijA3JeL7rE6ab3FkKEh456L8papwlZuvIbkh3Bk4Oc2Y-YMk5HQ_KXnqCj6kN6-qtfbIfQW2c4WizuRyKpAeI5CEvb3exZeUsgCNdM9buymuZlTBRLwxmw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXKasDIDDrre-W2aX_wijA3JeL7rE6ab3FkKEh456L8papwlZuvIbkh3Bk4Oc2Y-YMk5HQ_KXnqCj6kN6-qtfbIfQW2c4WizuRyKpAeI5CEvb3exZeUsgCNdM9buymuZlTBRLwxmw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyrnTC3hXUIb3fvi6z2pjrkFxZp4Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rz_shqaTzOP0FKkDsF0k8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 Jul 2024 22:35:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rz_shqaTzOP0FKkDsF0k8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzTFjw5otbAIvni1RVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuYGhnoG5vEFBgAiKitd"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://crezu.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXKasDIDDrre-W2aX_wijA3JeL7rE6ab3FkKEh456L8papwlZuvIbkh3Bk4Oc2Y-YMk5HQ_KXnqCj6kN6-qtfbIfQW2c4WizuRyKpAeI5CEvb3exZeUsgCNdM9buymuZlTBRLwxmw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXKasDIDDrre-W2aX_wijA3JeL7rE6ab3FkKEh456L8papwlZuvIbkh3Bk4Oc2Y-YMk5HQ_KXnqCj6kN6-qtfbIfQW2c4WizuRyKpAeI5CEvb3exZeUsgCNdM9buymuZlTBRLwxmw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyrnTC3hXUIb3fvi6z2pjrkFxZp4Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uljz448VfM6Zw1wb1hfB1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 Jul 2024 22:35:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-Uljz448VfM6Zw1wb1hfB1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzTFjw5otbAINW9YYKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3MDQz0D8_gCAwD86Crc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://crezu.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.svg
crezu.co/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://crezu.co/favicon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.243.240 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.243.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43fc1d979121cfcf568156ceec4833949c7131a238fb8b2d43a461aeac8f6328

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 22:35:04 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 13:39:31 GMT
server
nginx
etag
W/"66057313-629"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
expires
Mon, 07 Jul 2025 22:35:04 GMT
/
up.clickiocdn.com/utr/logst_st/c2lkPX4yMzAwNDUmYWN0PTM2MGx+Y21uMzYwfnB2fnNfY2RuXzEmdXJsPX5jcmV6dS5jbyZ2Y250PTQmX2Y9X19seEdfXy50bXAubG9nc3RfMnVicmFkeXFsY3NlYjUwMg/ 		38 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/utr/logst_st/c2lkPX4yMzAwNDUmYWN0PTM2MGx+Y21uMzYwfnB2fnNfY2RuXzEmdXJsPX5jcmV6dS5jbyZ2Y250PTQmX2Y9X19seEdfXy50bXAubG9nc3RfMnVicmFkeXFsY3NlYjUwMg/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
d51f9a946ae648aa7f2ab9be76d48d6d16fa434916e58866e3a1faaf08e9870f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:05 GMT
cache-control
no-cache
content-encoding
gzip
iseu
eu
server
nginx/1.20.1
content-type
application/javascript; charset=utf-8
/
up.clickiocdn.com/utr/logst_sa/c2FpZD03MDUzNzl+NzA1Mzc4fjcwNTM3N343MDUzNzZ+NzA1MzgzfjcwNTM4Mn43MDUzODF+NzA1MzgwfjcwNTM4N343MDUzODZ+NzE0ODYxfjcxNDg2MH43MTQ4Njd+NzE0ODY2fjcwNzY2MH4tfjcwNTM5MH43MDUzOD... 		38 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/utr/logst_sa/c2FpZD03MDUzNzl+NzA1Mzc4fjcwNTM3N343MDUzNzZ+NzA1MzgzfjcwNTM4Mn43MDUzODF+NzA1MzgwfjcwNTM4N343MDUzODZ+NzE0ODYxfjcxNDg2MH43MTQ4Njd+NzE0ODY2fjcwNzY2MH4tfjcwNTM5MH43MDUzODh+NzA3NjYwfi1+NzA1Mzg1fjcwNzY2MCZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX5oc19jYl9oZG5+cnRyX3Zhcl9jaHNufi1+LX5ydHJfdmFyX2luc3RhbGx+c2xvdF9pbl9wZ350Z2xfc18wfnRnbF9zXzFfZGZwJnBsdGY9fjAmdXJsPX5jcmV6dS5jbyZ2Y250PTIyJl9mPV9fbHhHX18udG1wLmxvZ3N0X3Z2c3R0bTN3ZzAxMTZnczQ/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230045/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
0d512ddcb052ac08447d959f427eee128770628c7a4a585300194e2c73ea9be5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:05 GMT
cache-control
no-cache
content-encoding
gzip
iseu
eu
server
nginx/1.20.1
content-type
application/javascript; charset=utf-8
/
up.clickiocdn.com/utr/scmps2/ 		42 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/utr/scmps2/?rt=170658095&cmp=300&api=2&tcfv=4&tcfvlv=-1&sid=230045&req=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://crezu.co/landing/offers/?sub1=449df2520c5049dca9804a849ed667ce&sub2=mx-sms-welcome-returning2&sub3=sl-crm&sub4=0&sub5&sub6=10&sub7&sub8&sub9
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 07 Jul 2024 22:35:06 GMT
cache-control
no-cache
iseu
eu
server
nginx/1.20.1
content-length
42
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| __NUXT__ object| webpackJsonp function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| __NUXT_JSONP__ object| __NUXT_JSONP_CACHE__ function| __NUXT_IMPORT__ object| $nuxt object| globalVariables string| customFeedVersion object| CrezuCommon object| webpackChunkCrezuCommon object| sbjs object| dataLayer function| fbq function| _fbq object| globalConfig object| adsbygoogle boolean| __VUE__ object| google_tag_manager object| google_tag_data function| gtag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| __lxG__ object| __lxGr__ object| __ClickioDataInsights__ object| __lxGc__ object| __lxGp__ object| __lxG230045__ object| pbjs object| lxpbjsdfp function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| N2QyYmIyZmZkNWNlZDE1M2xvYWRlcl9qcw== string| N2QyYmIyZmZkNWNlZDE1M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

17 Cookies

Domain/Path Name / Value
track.crezu.net/ Name: afclick
Value: 668b1815f859e700013545e0
track.crezu.net/ Name: afoffers
Value: {"250":1720391701}
crezu.co/ Name: i18n_redirected
Value: CO
.crezu.co/ Name: sbjs_migrations
Value: 1418474375998%3D1
.crezu.co/ Name: sbjs_current_add
Value: fd%3D2024-07-08%2000%3A35%3A03%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29
.crezu.co/ Name: sbjs_first_add
Value: fd%3D2024-07-08%2000%3A35%3A03%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29
.crezu.co/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.crezu.co/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.crezu.co/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36
.crezu.co/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.co%2Flanding%2Foffers%2F%3Fsub1%3D449df2520c5049dca9804a849ed667ce%26sub2%3Dmx-sms-welcome-returning2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D10%26sub7%26sub8%26sub9
crezu.co/ Name: landingOffersVisit
Value: {"sub1":"449df2520c5049dca9804a849ed667ce","sub2":"mx-sms-welcome-returning2"}
.crezu.co/ Name: _gcl_au
Value: 1.1.1541635461.1720391703
crezu.co/ Name: uuidv4
Value: d744c3e1-49e9-4256-a283-4153e1ddbbe3
.crezu.co/ Name: _ga
Value: GA1.1.1861972116.1720391704
.crezu.co/ Name: _ga_6PKQXGNQ6L
Value: GS1.1.1720391703.1.0.1720391703.60.0.0
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.crezu.co/ Name: _fbp
Value: fb.1.1720391703754.31949112403791309

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.crezu.net
connect.facebook.net
crezu.co
cru.si
events.crezu.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
s.clickiocdn.com
securepubads.g.doubleclick.net
sl.crezu.net
stats.g.doubleclick.net
track.crezu.net
up.clickiocdn.com
workers.crezu.net
www.facebook.com
www.google.de
www.googletagmanager.com
142.250.186.34
142.250.186.67
172.67.195.127
2001:4860:4802:34::36
216.58.206.46
216.58.206.66
2a00:1450:4001:81c::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.77.94.206
34.90.46.36
35.201.243.240
35.201.76.189
35.240.92.105
35.241.222.91
95.211.66.35
0c5765d6e2e88d3c7fafa9ceaa8a7625cc57fb5439a8588fc88182606aebd090
0d37e384f67828f7c4a81baf644db2a01e75abcae84b3c3f07e50a320ea9ee08
0d512ddcb052ac08447d959f427eee128770628c7a4a585300194e2c73ea9be5
113fd08a3eeb8380ed202b4daa6d718c0bbe20dc142f6c44b1a5875137e2bdf5
14aa535cd0e09c90fa57d980795fe26f1c51e6b2ff6cc35602215c3752bb9cb7
1ae0cac8b98ba591e3bcea3831da2502f28b4786ccfd4f0f15adc11d1920f33a
1c0d9b7cc5a9606713b45c417a6d4e64af28f676e800ed6c0485847a8199e11a
26b9e3e98b9415b99775a736fa1a3af32402746c2bf7746411bea496c44e4b80
34029ea1f503d58569747a868beafc921e16e63c3a471b5e64b3b27e63fbae82
340a8da2eb5ff096a98629ba58a12e2410d3e02de9cd28f0e9aee200616c6b0a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
412238f13c146aa1cf896a5c4ff3ded3b36557304159c7c0fbde0c4223fa3a55
417b3b97c7ed473e6acc366b59732c163aa72cb607b268a0f52bee42a0cf9ecc
41d7e51c56b85860203a48a9a6520ab76f7e31b17234f13e246bc7cd6638da24
43fc1d979121cfcf568156ceec4833949c7131a238fb8b2d43a461aeac8f6328
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
47b9756cbd7905fd47884f5826711c78c9b2aa4af28bd4112bbc3178381e9bdc
51f5137764d05d9d9f27a561d18fedf0f7f62655ca8f6e89979a64c8bae43c15
52cac7af4a964ce7e5233c4877496d933a13cb01ccfb9a912968b0ce2bf9da38
571ed023479fe949f6ae02c7d968d6ed8f56a47a6a69924c3224ce7cb6e36d8c
573296ed09fbf0460be6a537377ed7496a46b1db9866dca98e4193f8fadb4497
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
680d93c88ad7d4496cba8aaf054c82c32292a2381d09f5f5bcc311f66a338c3b
6ee7daaefe466454ccb3c20a7840ac8dcda7e9b85e08622e43d60f37975ab5ab
73159deb9408bfa9cbddc3cb52fafa0e27ef39194188ca12113fddf75b7ca9ef
78411d780b71236e4aa7279351b4928101c30d8046252bc4d47c230b751fe9a2
795e9296127f8af8539628cdeb99fa3914e14723b66ae6406e47f694b35b8c52
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
86e66d26f90dda8f96a37ca48d6ee3f42f2cb78cdf187a316b2a9b46a61dd346
8da9f9b4db8b3fa334f01447a4ec6d48f74ce0d177edeecdfb19cf01cab81dc4
8e9f4a07773d7565c8ddb3a06a6b6053ef0e55a9787bc760ca55ff4a3facf16c
91026b89d5de375a872deb6ba9f600d2936ed20d386ed5c0057faf9ce1c2bb7f
9114c9e72dcc0a0ae389b8726e48398805876c2004493c4b40ba2b65064108b1
92e2bbe1916bbbebf7f98ed74817d02f571744e0f78658bdeedcb60cea31013b
95b713a5b39d1a830b8aed33df8e1182d934f483ace6a99321e39c2a28c9985a
97647db9d93ccfbf11aa203efe27970a765b194fd7e3ea471a0c16bdd81efd97
97dc9f32f48db94b04fae1c248ca7272e4dac3e70b2ed5f4be3fae96517e7229
9b2dff9f012f6e3ea179f9d8eb13971a5e6b047320fd1cc82f0d7c39c80b5c97
a396ad25212fafa84dda5f1b43bf28bd1eec26af6c1655f3325ca123de01553b
a78993e0a66057d523122f4fcecbb681c566e5281ef2897a3d9939498705566e
a7ef29d3fc71e75ad570a2faaa78d65cf17d29c8bffc019145d1d9599e01265d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad3475c7f4d70164e0c35e41f5e0af761328897f7a9f374759623ee496dbd65d
b3bfb6b13177d20562f631e4706922f315cbcee77cf14007acfaafd972dc9d28
be9e8b9da82aeba33d69082e5cff466defef2519a2ddb42f35e95602b34da1bd
becbc360fea8ef973bb32aa2a160d8c64ed6cb5063977a753b1978260d54f48a
bf0042bfd4ea33fcc68e1a1a1524bc81a3ff8f5f485ef7f75e24b8f5781cdc2f
bfbd21cbaa8f08778b0258014c39580b1642f725a3817237a6f7f2bd925b84eb
bfc7a1da5c2714823dee19b0fd62f3f693842f77605e4db715378399c7efe0ef
c2e32670e6899b0899b4043f26d83f47be0f742984fcf20ac5a1d2e30a811668
c4f2c1c0b7a65aa1941a12c6659554c6c795c4e04d858559aecab497bda0ffd9
c7ecf5bdab9a0bf138e0d6b416f1096d52a32fb31b398f7d208e07ee306aefb1
cec96507a10dec531a8e7d9f0dbb0487803f70ed936a21cca248f4904eb8f233
d51f9a946ae648aa7f2ab9be76d48d6d16fa434916e58866e3a1faaf08e9870f
d73c593b6ec4c7acd8f215c99596131f72563365acff92a56030617e2df42b35
db29a6ee4ab550b07b1dc5985f4bd04443d670421069ab6ba8d82e2b6e723ddb
df3441e4b7d86d84098fa9e2e6b12700308df977d1e5a323eebfdf8c53ce12c9
dfb53632e77e80d8978b888dc374925ef7448628f507ca7dad75724b01028f39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb049667ff6de4b3e87f1fcc6c0e862bdb94c1d76f59f19f2017d2b63dd17b09
ed91f48e55c5074e1e2579f9bc425876fb6c1a55288a6a1c25870db90aa8eddf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6bea67163ff3b8cd138a3f036050cab807709d88b22cb45f0467c99217bab97
fabf53662815fc23f5049b05af5bd62ecf8ea160e559c20c855ea5ec2e9e2545
fbc0b494d27e5eba4ada41f333549bc92f621e6cda76586416a0fcb1ec802900