detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 04 Apr 2023 17:15:56 GMT
Content-Type: text/plain
Age: 13992
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
crz.su/uShedOtJ
35.187.173.18301 Moved Permanently 194 B IP 35.187.173.18:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ec0f2d6d8da7997a10f72a2537729e59
d6b8ca36f266d92775f5b757e65b8c10c747c30a
95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /uShedOtJ HTTP/1.1
Host: crz.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:09 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://crz.su/uShedOtJ
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4074549843769a3da3f055bcb5a78ff
f99062d34cf71bda6a9c64061fb9e61008f94021
895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4771
Expires: Tue, 04 Apr 2023 22:28:40 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b045bfd45e608ddca42970ea190f8ee1
d8c67bd526d0dbcb6a358d2f64a9e890b2d60fcd
509863d8a0a02f95501ef647f11e9a46c18234e2e7c6e790b405c33105d9067e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "509863D8A0A02F95501EF647F11E9A46C18234E2E7C6E790B405C33105D9067E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8169
Expires: Tue, 04 Apr 2023 23:25:18 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 44 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e9ad0f2984d865f42b5bcbe08ec16cc2
62b7c1c44625229ef3c155f77adac45952b702c1
9d30debc2e8aa0aab644ea9cfe924c072bcbecc272257a4b027809ac2e3798a4
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: BXlOOoKSADrN23SnPEqvnWaBmPGuAZRhkfxm5vq2TqSoKWCpyowOwQ==
content-encoding: gzip
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 20:56:26 GMT
age: 796
content-type: application/json
vary: Accept-Encoding
content-length: 43464
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Tue, 04 Apr 2023 23:28:13 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rL0fpqa0vY8E1KDWuSBdWO3qv5c+MfdaRLY54GTahYxo3E4eFPXQT4gRS0i+VlLlEDolI877Iw0=
x-amz-request-id: JH45BD520JYS7SM5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 20:10:07 GMT
age: 3542
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e50dac5108a698d61ca49516033d1a20
53d243b89fc00deb9bfae07351bbe36ddb7c1df3
e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18787
Expires: Wed, 05 Apr 2023 02:22:16 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 20:28:45 GMT
content-type: application/json
age: 2424
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76167f970d0cbaab029db6c5f1769444
03b67e77779946527cc316189b961863baf4c6fd
74e33dd620b5addf4c5cf775207b6d0c71363167e0f3f7a73d54079aea0d2a1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74E33DD620B5ADDF4C5CF775207B6D0C71363167E0F3F7A73D54079AEA0D2A1D"
Last-Modified: Mon, 03 Apr 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10792
Expires: Wed, 05 Apr 2023 00:09:01 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
crz.su/uShedOtJ
35.187.173.18302 Found 10 B IP 35.187.173.18:0
File type ASCII text, with no line terminators
Hash a8e03540dce77ac5043211d114328eb8
d7ddfe518c491af3a0dc594fa6890ae3dbd45a7b
2df1e0cd7190e6485b41ba12f0a445a2422a720cc97e6419160206383a481c5c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /uShedOtJ HTTP/1.1
Host: crz.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 10
Connection: keep-alive
Location: https://sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-2&lead_id=3b8c75a3d4714df8b465abd7a55725aa&landing=offers
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c682b982d1ecaa1d27cb4da560edd95
fa046ceed7b97d3893993b65490b24f718bd1d7a
4faa28c9a8c88aa88a28e8065763938a3cf81e62a244482b280a58e825f5a904
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FAA28C9A8C88AA88A28E8065763938A3CF81E62A244482B280A58E825F5A904"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6093
Expires: Tue, 04 Apr 2023 22:50:42 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash eb19a04e48a5bf17f99de5edf0ad9b1f
f1a6b50466d9eea160ce9dcc1d128af338eb93f2
98e50e875dd921ebef4b7c155fca49135af3fc7271e8051fb0fa39c4378f4bf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:09 GMT
Last-Modified: Tue, 04 Apr 2023 19:40:04 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 217dc23e2adda716704ac4c0db118649
73d82cbad3522233dcc690be30c8e727f3443e18
ef554d82d4bb74d84b331ed08b1a30856ea131dce7b9c976c70c57af902d8293
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF554D82D4BB74D84B331ED08B1A30856EA131DCE7B9C976C70C57AF902D8293"
Last-Modified: Mon, 03 Apr 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Wed, 05 Apr 2023 03:09:07 GMT
Date: Tue, 04 Apr 2023 21:09:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, ETag, Cache-Control, Expires, Backoff, Last-Modified, Pragma, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 20:17:29 GMT
age: 3101
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-2&lead_id=3b8c75a3d4714df8b465abd7a55725aa&landing=offers
35.241.222.91302 Found 10 B URL HTTP/1.1 sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-2&lead_id=3b8c75a3d4714df8b465abd7a55725aa&landing=offers
IP 35.241.222.91:0
File type ASCII text, with no line terminators
Hash a8e03540dce77ac5043211d114328eb8
d7ddfe518c491af3a0dc594fa6890ae3dbd45a7b
2df1e0cd7190e6485b41ba12f0a445a2422a720cc97e6419160206383a481c5c
GET /crm?sub2=mx-sms-welcome-click-trigger-2&lead_id=3b8c75a3d4714df8b465abd7a55725aa&landing=offers HTTP/1.1
Host: sl.crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 10
Connection: keep-alive
Location: https://track.crezu.net/click?offer_id=216&sub1=3b8c75a3d4714df8b465abd7a55725aa&pid=2&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub6=833&sub4=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3HsZgN3b6WTGaOUpb2TLKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CvWfgWf0Ox5aUZRuzoX+TBSz38M=
Date: Tue, 04 Apr 2023 21:09:09 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
35.83.144.93200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 35.83.144.93:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 04 Apr 2023 21:09:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1e2b49923e5fbecaef2b0939c7705bcc
7cff6de843d0aaf4ee4b556b0c269c7ed569ef79
c2a37e91dbc35c41fd6866a7febefa61bbb0131deb770ce6f7e09d8b08d47607
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 21:09:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Apr 2023 16:31:46 GMT
Expires: Tue, 11 Apr 2023 16:31:45 GMT
Etag: "7cff6de843d0aaf4ee4b556b0c269c7ed569ef79"
Cache-Control: max-age=587554,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b2c87e26e04b524-OSL
track.crezu.net/click?offer_id=216&sub1=3b8c75a3d4714df8b465abd7a55725aa&pid=2&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub6=833&sub4=0
34.90.46.36302 Found 0 B URL HTTP/2 track.crezu.net/click?offer_id=216&sub1=3b8c75a3d4714df8b465abd7a55725aa&pid=2&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub6=833&sub4=0
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=216&sub1=3b8c75a3d4714df8b465abd7a55725aa&pid=2&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub6=833&sub4=0 HTTP/1.1
Host: track.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 04 Apr 2023 21:09:10 GMT
content-length: 0
location: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=642c91f6a134710001b8c8ed; expires=Wed, 03 Apr 2024 21:09:10 GMT; secure; SameSite=None
afoffers={"216":1680642550}; expires=Wed, 03 Apr 2024 21:09:10 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680641833309%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680641833309%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash 9443962df7e6585c7549420dd60cc9eb
d56c47278d5137c68a5ed11957e613bbb5ef09bc
5e08ea32b59f98beb11520ddc771494637db489e028e357feb71f7a974b87c14
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221680641833309%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Tue, 04 Apr 2023 21:01:56 GMT
last-modified: Tue, 04 Apr 2023 20:57:13 GMT
content-type: application/json
age: 434
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
35.241.9.150200 OK 10 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (10095), with no line terminators
Hash ac3223d11626c68bd3701c1214318f62
832f3d65842dbc4562a41ff06d247d896b8af069
975286b5e11399aa1d15a14e5e8080342ee7e0caaf6477303e20c0daaa52184a
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 10095
via: 1.1 google
date: Tue, 04 Apr 2023 20:29:59 GMT
age: 2351
last-modified: Tue, 04 Apr 2023 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YJDZBrXQeK2IoXWSSBcI2RmQNxixNEJC3FG67SJdmTPDC2RLee3kNDYGzeYhjQdHFm8xvSG0Ock9O7hDLdY7+g==
x-amz-request-id: 19P0WW9ZGQTEBJXV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 20:53:17 GMT
age: 953
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680201445669&_since=%221666204638208%22
35.241.9.150200 OK 49 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680201445669&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (48988), with no line terminators
Hash 6b4cb6acccb2e110978175dd713538d9
fdc93e3ac37e90c0206a5d58ab241f05f1367d2e
ad955db5572d6dcee5dc2add8aab401a939b1d1631da31439a6464de13d2e985
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680201445669&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 48988
via: 1.1 google
date: Tue, 04 Apr 2023 20:21:01 GMT
age: 2889
last-modified: Thu, 30 Mar 2023 18:37:25 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: aaXwyns433HdVfnk6K11+Gz53Jirg9h26BAJ4pq9/LF7lfPlnewQ++zc7yoFmbth7UyyQGkGC88=
x-amz-request-id: JY4NYS4W3K7KDCX7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 20:14:00 GMT
age: 3310
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 20:28:45 GMT
content-type: application/json
age: 2425
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd0537f750b6097c6b9ff596a1ead45c
5df3cf46badd94cebc7e42ffca1d3a0f2a94a30a
66b8a546733a1f068f2af6d5a688f92fee2a4bce3cd2d954d1c8d13990c90040
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66B8A546733A1F068F2AF6D5A688F92FEE2A4BCE3CD2D954D1C8D13990C90040"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10807
Expires: Wed, 05 Apr 2023 00:09:17 GMT
Date: Tue, 04 Apr 2023 21:09:10 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e1fc33769cea4b364e15cf3894a40717
bdfdd0d4da999edb1507686d13890fb3565695dd
4be0605cbb1092d31a905a4c6a9aad09e0112c4c34edeb7cca345f1dcb8fd1c3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 21:09:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Apr 2023 21:10:56 GMT
Expires: Sat, 08 Apr 2023 21:10:55 GMT
Etag: "bdfdd0d4da999edb1507686d13890fb3565695dd"
Cache-Control: max-age=345104,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b2c87e58a64b524-OSL
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wd2+EBlY7PBxlmtHxPIPsT5pgsjRxQQDDrKBdsbm9nqP99VGZ6s6OP4YbL2uB8aaiX/H2WEfVy0=
x-amz-request-id: XFCVPTEAB3J62XPY
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 30 Mar 2023 11:49:24 GMT
age: 465586
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1680628217598&_since=%221666279968541%22
35.241.9.150200 OK 66 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1680628217598&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 83bb9adfd7c134d90fe07da9b905e213
42835683f32ebab79f5377cbe05d2d96656b6336
3a7c85cff19fef25b78d44dae5cfae6c9383354a6e21a1141b201bc8329b002c
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1680628217598&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 65552
via: 1.1 google
date: Tue, 04 Apr 2023 20:27:38 GMT
age: 2492
last-modified: Tue, 04 Apr 2023 17:10:17 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680566473665&_since=%221666483264567%22
35.241.9.150200 OK 64 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680566473665&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (64284), with no line terminators
Hash cc58a1e1727f6f030961941840d3f441
72c505cc5de8a838df113679f4262f67446e5732
71966356f1ecb1c0dda22def0fc2885f60ba86152bc0a643ac88fcc8d10d6452
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680566473665&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 64284
via: 1.1 google
date: Tue, 04 Apr 2023 20:27:38 GMT
age: 2492
last-modified: Tue, 04 Apr 2023 00:01:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 4bb1b4fc8c2869ca65fb998686896d37
cf12db870d3310470b02271d9874ddcc6b3e7c99
f1654281b2b55768524562e0c0cbfc737c0a4945883d068a4cb74b90bd4d2e76
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, ETag, Cache-Control, Expires, Backoff, Last-Modified, Pragma, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 04 Apr 2023 20:17:35 GMT
age: 3096
last-modified: Sat, 01 Apr 2023 16:36:58 GMT
etag: "1680367018198"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash ac95e17144874629483055652a59b3ab
094cf663f568dd24b674a8513dcacb33c81ec96d
48ee07390b28f4ed2b1c63c8afe6aa0fe0e215e728638eadbfca56c6080f20b7
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Tue, 04 Apr 2023 20:53:52 GMT
age: 919
last-modified: Sat, 01 Apr 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 04 Apr 2023 17:15:56 GMT
Content-Type: text/plain
Age: 13995
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash 692068c33d657bcf4dbc680d834040ff
5ab0860fe1180e65c001a23fe02634f98c9d20c8
397dfc50f368fa2225253fdeba566035edd4e3635f68b5cc016ad45d68bd5925
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Tue, 04 Apr 2023 20:59:16 GMT
age: 595
last-modified: Sat, 01 Apr 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash d0f04fce6ffc2367533a886eab81e9f7
c2cc77e327af6d0792559d50bc25d29d0b625309
0916e36b6bace74e4de43ed96dc6721b2cf559b8072e8dcca83f623a88abc52b
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Tue, 04 Apr 2023 20:35:51 GMT
age: 2000
last-modified: Sat, 01 Apr 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1680364263540&_since=%221662044085942%22
35.241.9.150200 OK 8.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1680364263540&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (7961), with no line terminators
Hash 7b8bb32dc8b9c816dca22028e869675e
08d3cd2217299d9d37061fe91f7f12f0be3df84a
5179456d49be8bd7246542e96c4350bf315b25cc2521f0f8d4de8fcd8074e490
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1680364263540&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 7961
via: 1.1 google
date: Tue, 04 Apr 2023 20:12:26 GMT
age: 3405
last-modified: Sat, 01 Apr 2023 15:51:03 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash 50de80e2b05f38f82d229a41cc6487cb
3dab6bdb97a119f4ad78d632b7e8d55f14fc1cf9
910aa8bbfa4adbf92a8ca304d07270c82be4bd6afa6bece6649e83b36b6a751f
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 04 Apr 2023 20:41:01 GMT
age: 1690
last-modified: Fri, 31 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash d78c9933e50dcdfd12baf5e6451b4af0
9ff71e4d53bafa1eb83ec7ae7db8f7e28d4f4a63
d52bc0f54df87b008e7e919bd154e6d03d4eb70f7dcd59020752707b6bb70af9
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Tue, 04 Apr 2023 20:51:29 GMT
age: 1062
last-modified: Fri, 31 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
35.241.9.150200 OK 772 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators
Hash 1d339048d51d4c3d091251a61c1cc8e9
c83e25ec971b92afd798da972f5f5340383c7e7e
a10e0e82cabc6e4500512889799e17c6cacbc80838c8dbc1ce928fe89d1bb144
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 772
via: 1.1 google
date: Tue, 04 Apr 2023 20:38:49 GMT
age: 1822
last-modified: Fri, 31 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 1904d8293b5f2c002df47873f23e827b
3ad77fb86caaf84886bcd6a811e39c918ba39a34
7600832994dcc92fd44775fed282ca3fdf7baf4333d4ad8310ad0b50d5e010ce
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Tue, 04 Apr 2023 20:08:13 GMT
age: 3658
last-modified: Thu, 30 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1646), with no line terminators
Hash 0530a1e9082b795cd4fd4c2b8bd25d70
3f0229439b1d96f80fcb6ab6b77a25feaa8775e9
84fac3b241036cfdcf0f5ded9e9a46d2b49eba4344b3db83755f7268ee21f553
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1646
via: 1.1 google
date: Tue, 04 Apr 2023 20:13:44 GMT
age: 3327
last-modified: Tue, 28 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14737
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 21:09:11 GMT
Connection: keep-alive
crezu.mx/_nuxt/3ed99a8.modern.js
34.94.124.239200 OK 2.5 kB URL HTTP/2 crezu.mx/_nuxt/3ed99a8.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 76791052739b310674a3d499cd59847e
1612a80a4336ab614b193f6e03024538a9401944
157533c2b2037789472257fcbd950fd15f678ab82832f9b9b158b170dacd1333
GET /_nuxt/3ed99a8.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-1b92"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14737
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 21:09:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: TvDTtH9ZqXuvomWMYiB8g8N0JKjRrHIXF1SxfCRJfwZS-7pGLAPrVw==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:33:57 GMT
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
age: 84914
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crezu.mx/_nuxt/51c9eb7.modern.js
34.94.124.239200 OK 8.6 kB URL HTTP/2 crezu.mx/_nuxt/51c9eb7.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash bfcc98f49f949c024f26c25643035aae
328ddd36e0f538705736ec1e66558e118cf35bea
667909ed04b3132cf854f5bd950462af7ca177e950341feacd792c563069788a
GET /_nuxt/51c9eb7.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-cb9"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80fcfbf9081b3ede0bbbb18635a9cbf4
037891066a15726bb272a8d74f96abb1520b4fe3
5cf70d8254f20aea5ca12439a4558f459d6bbf162f5e1a0f9b62e79de29d4b29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6898
x-amzn-requestid: a56b192d-c797-4521-9af4-e3baaa8e6205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbGsRoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-5aeb60706595f7762c545067;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5PCc80UBjiGObi7QYuzScnsR2Tn7XkH2ihpI5rGlrFTjWr7s74quNQ==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:34:01 GMT
etag: "037891066a15726bb272a8d74f96abb1520b4fe3"
content-type: image/jpeg
age: 84910
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad137bebd56918d96431d867ae123332
8572417b762ea2b1dccc3d4236336456be6be1cf
92a575b8055174a83ac1066e2ff931525760c9b96f3e588077ce0ce24a0a7b46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 36fb7671-bd9a-43fc-8920-c5948711d560
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNkNGjHIAMFsBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429294d-5e753ae346a583ac5cbb42f4;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:05:49 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: fxJD_NxmovXM_HkNkB7sUV_iAGruUAFoEn6P2XqPwcN05EabrxuBtQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:23:38 GMT
age: 49533
etag: "8572417b762ea2b1dccc3d4236336456be6be1cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 790b71fc2b1faa08db8b4334c9c3f9e3
e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4
eed429169c9d3feb115463d8ead934fa348cdca60aabf0c88d4553ed23575c9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10535
x-amzn-requestid: 8efe600f-9818-4c23-afd3-41c5a4dece2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbFHSoAMF8HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-65e8e6fd575fdc91668d6676;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3eFc64JrVV7kNe1QSEyApxR5PQ0aC-6UWaOI5wUZjIDATg38NAlkcw==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:34:01 GMT
etag: "e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4"
content-type: image/jpeg
age: 84910
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crezu.mx/_nuxt/52b86be.modern.js
34.94.124.239200 OK 8.6 kB URL HTTP/2 crezu.mx/_nuxt/52b86be.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 43d56d78847acea2ab00f6ef1ee5387b
863e7eeafcf69062c6c4d68660dbeaab8cc0db03
6c7b469f355ad4cbc3fb19c8ab1e5a75be4e6ba00b07a0f1ef218391e919b17e
GET /_nuxt/52b86be.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-4077"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2
34.94.124.239200 OK 100 kB URL HTTP/2 crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 99572, version 1.0\012- data
Hash 52ea0d7008516c101595f81d37225889
6730d0f88794957b23d45148e162773485744235
b8da67821e588e3ee5516083d99f1d9907c23a24fcb52dfb3c57cd38924dcef7
GET /fonts/SF_Pro_Display/SFProDisplay-Medium.woff2 HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/octet-stream
content-length: 99572
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
etag: "64233a43-184f4"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2
34.94.124.239200 OK 99 kB URL HTTP/2 crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 98712, version 1.0\012- data
Hash 33802914271ef3d489d31399a5c8c3af
cfb1f5ce8dff071fb09c9545a4b72b9465da3fbe
32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005
GET /fonts/SF_Pro_Display/SFProDisplay-Bold.woff2 HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/octet-stream
content-length: 98712
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
etag: "64233a43-18198"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Semibold.woff2
34.94.124.239200 OK 100 kB URL HTTP/2 crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Semibold.woff2
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 100384, version 1.0\012- data
Size 100 kB (100384 bytes)
Hash af64ab08547cc18daa32439d1f6c9c05
53abb89948948eceaedb4cd118dc9e0c6d93ed9c
e80a61b2cbc6d6b3b3ed8b50bcd8f6a89f8f5b69460e03f47defe0554c3220d2
GET /fonts/SF_Pro_Display/SFProDisplay-Semibold.woff2 HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/octet-stream
content-length: 100384
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
etag: "64233a43-18820"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2
crezu.mx/_nuxt/c009a59.modern.js
34.94.124.239200 OK 5.7 kB URL HTTP/2 crezu.mx/_nuxt/c009a59.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 2ed0ced1ed58d3a5dc77ebbaa5f85e57
e8ca2c3e41e86180471733f6937905970510d253
fb56e3557f5f2c109d4939a1cf62af464b90ba988e0364f62b2a91aed290de0e
GET /_nuxt/c009a59.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:12 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-5700"
expires: Wed, 03 Apr 2024 21:09:12 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash fbbafa46b2a2707732818528730624b0
02be8228e2defbf45c7eac47670083109842745b
2ebb3a127431ad5e5d0c400d0075134cf037846aef36f6fe7651a5960c9b24f2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 21:09:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Apr 2023 03:40:18 GMT
Expires: Sun, 09 Apr 2023 03:40:17 GMT
Etag: "02be8228e2defbf45c7eac47670083109842745b"
Cache-Control: max-age=368463,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b2c87f55b9ab517-OSL
cdn.crezu.net/common/dist/common.js
35.201.76.189200 OK 56 kB URL HTTP/2 cdn.crezu.net/common/dist/common.js
IP 35.201.76.189:0
File type Unicode text, UTF-8 text, with very long lines (65462)
Hash 9dcff52828ff88568e37d1ac4c7ab5c9
1c4cd57c52f46d4e69f53859e4c2a4b7b61f317a
efb1e26d82dd7e2ac1c259a9f51847d1b4d30e243f9deb01c80e4129a2f9dcd6
GET /common/dist/common.js HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 55682
date: Tue, 04 Apr 2023 15:00:43 GMT
expires: Tue, 11 Apr 2023 15:00:43 GMT
cache-control: max-age=604800,public
age: 22110
last-modified: Wed, 22 Feb 2023 08:54:30 GMT
etag: W/"63f5d846-2d77c"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
crezu.mx/svg/google-play-badge.svg
34.94.124.239200 OK 3.6 kB URL HTTP/2 crezu.mx/svg/google-play-badge.svg
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 875483022e3cc9b9c4dc42bded2232a8
1a09f0ca1f59dc46145c06f21a1093b033ff90ca
c44cee98ce9596cf88ed818f9eda6423e8be1357999adc12ad02f6300c0e0b59
GET /svg/google-play-badge.svg HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Mar 2023 19:04:34 GMT
vary: Accept-Encoding
etag: W/"64233a42-1f38"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2cd3f434a12d198abeaadbfb321bdac2
2720dbf537a719412e035c7682a738878211ba3c
00e6af13b49d9559588217ac936e87aa82a58da0af42fb03df3a8e04f376586e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crezu.mx/_nuxt/a9a7a47.modern.js
34.94.124.239200 OK 148 kB URL HTTP/2 crezu.mx/_nuxt/a9a7a47.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Size 148 kB (147837 bytes)
Hash e29aa0dbc5efa73bde31c887ce7b40fd
238b361e3c0917bc776ea35affad2e10b4423b10
9994a19dc120133cea1c70b43fd305276ab6d2dfe5d0f125984d319cbbc1ba70
GET /_nuxt/a9a7a47.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-7709a"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NPS92WP
142.250.74.40200 OK 56 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NPS92WP
IP 142.250.74.40:0
File type ASCII text, with very long lines (13004)
Hash 608701c4ac99180cf8559f5da4b45a00
c9ae18e20595a1a487edb115bd35372240dff35a
c5269e07d19c3699a44696fff66e41d25fc65e5b71b2ff15bead37547ad552a5
GET /gtm.js?id=GTM-NPS92WP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Apr 2023 21:09:13 GMT
expires: Tue, 04 Apr 2023 21:09:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3ac35c85d7416ec0358c59258de7715
28f91f05fdf3fd4da6895f353d7ef4aea0b0cde4
79fa0cc648b1dd771ee7b7372354fc4fc6e7f169a0e02035a1309208ca5ba49e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FA0CC648B1DD771EE7B7372354FC4FC6E7F169A0E02035A1309208CA5BA49E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7792
Expires: Tue, 04 Apr 2023 23:19:05 GMT
Date: Tue, 04 Apr 2023 21:09:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2cd3f434a12d198abeaadbfb321bdac2
2720dbf537a719412e035c7682a738878211ba3c
00e6af13b49d9559588217ac936e87aa82a58da0af42fb03df3a8e04f376586e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sl.crezu.net/sl-feed?lead_id=3b8c75a3d4714df8b465abd7a55725aa&page=landing-offers&direction=swap&experimental=broker
35.241.222.91200 OK 40 B URL HTTP/1.1 sl.crezu.net/sl-feed?lead_id=3b8c75a3d4714df8b465abd7a55725aa&page=landing-offers&direction=swap&experimental=broker
IP 35.241.222.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9421e4ab0d2575b415c4090211f9635f
efd304799962d1501685f7d04d6af73b164cc2a6
8a42e5da13bb9dfb4a52d03e0ef6be9f3f54f53859ba45dd44d056990927f2ea
GET /sl-feed?lead_id=3b8c75a3d4714df8b465abd7a55725aa&page=landing-offers&direction=swap&experimental=broker HTTP/1.1
Host: sl.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.mx
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 40
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
crezu.mx/img/financial-services.webp
34.94.124.239200 OK 259 kB URL HTTP/2 crezu.mx/img/financial-services.webp
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Size 259 kB (258794 bytes)
Hash f3043dcdf66822311d3c26fe32dc634a
2c0c9243b57ed0c64b630983e93486317129f76d
e31ec8a9d31fb0a023002aba3314ae48845ce5d8eb22a148b4975ffd5a7256b2
GET /img/financial-services.webp HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: image/webp
last-modified: Tue, 28 Mar 2023 19:04:34 GMT
vary: Accept-Encoding
etag: W/"64233a42-2acf0"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 48 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (3599)
Hash 455042564f0fb7d545ed91acc3004266
96df087d0e8b12b581df40fedba42640ed914928
f16daf3af3150b958819de715b6f82d27c523500911d49acce9c855bf61623e0
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 Apr 2023 21:09:13 GMT
expires: Tue, 04 Apr 2023 21:09:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13720999089600131468
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ac47ef385bc7c524ed803b880454fa3
601c9bf2d242f6d26b2826836dca3bf73dcddbb4
83011803363383f94f0f96505cad7316f969cc42e465ecd2fd077322aa2ec88e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crezu.mx/_nuxt/9cf2175.modern.js
34.94.124.239200 OK 54 kB URL HTTP/2 crezu.mx/_nuxt/9cf2175.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (64754), with no line terminators
Hash c408855b9d6229911e02d923444fbed6
66419322aa76af3c26a90eaa47f1f4b55c5748e6
5ea34bf97ffb26572a655d94f5cd3b4a30c36499d1dca2b58c4343acd1cf422b
GET /_nuxt/9cf2175.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-2e4ef"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 04 Apr 2023 20:05:12 GMT
expires: Tue, 04 Apr 2023 22:05:12 GMT
cache-control: public, max-age=7200
age: 3841
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230330/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Tue, 04 Apr 2023 15:40:49 GMT
expires: Tue, 18 Apr 2023 15:40:49 GMT
cache-control: public, max-age=1209600
age: 19704
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
95.101.10.128200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21931)
Hash d3166642d0a5f1e237d4bd67bb57deb9
0d128f46a0f9924138ddaf20874a4de4f9698e0e
6abc11c1cf32e64ec6ba834866ca0eb449066a0c845c67bfbe2c0d8f5fb4cdd1
GET /i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Cookie: _ttp=2Nyi7EskozJyMYjwXjUoITyVbSc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202303281506520C28F957835DDF7C735C
x-tt-trace-host: 01e9b3dc8e3c0089b207cf07e1e2eea856e326e803fe81b0e5910dba33e5b58af000fef5da2465929fc2479df02071a372831001dad34e6f28d1fb6fde71cc2df8552ba0f49645c561cafa935734c43f1d617c9eb933cafdd9d1904ebc5c0bab4e
content-encoding: gzip
content-length: 66519
date: Tue, 04 Apr 2023 21:09:13 GMT
x-cache: TCP_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 549888d5
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6a7db5abefd460ab737ba19d6233468c
eb119f0e1418e3627a9c24d12b543ea00e1cd53a
d88a1df68e834418ba42c02a8ee6a271eb77c262ae5f45e7a773e11d71b38ce7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3747
Cache-Control: max-age=146184
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:13 GMT
Etag: "642c1b5e-1d7"
Expires: Thu, 06 Apr 2023 13:45:37 GMT
Last-Modified: Tue, 04 Apr 2023 12:43:10 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64347)
Hash 7716e124e19760049484d1bcde4a8af2
51d50c9e9b7fc658c1316d1844418cee0baffa2a
fa7968a9a888e1a6dc6ac6126b8edd6e73974c2b0629f669bfb74916f0e7d534
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: AX1kCB3zk1aSDD9dSj9gTMBzF46S7JhktVI4/aClRPTfa62zuguzU1KxnFR0/yA9E4coNrxA6Enw2gz0Ve0drQ==
content-length: 27909
x-fb-trip-id: 1679558926
date: Tue, 04 Apr 2023 21:09:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6a7db5abefd460ab737ba19d6233468c
eb119f0e1418e3627a9c24d12b543ea00e1cd53a
d88a1df68e834418ba42c02a8ee6a271eb77c262ae5f45e7a773e11d71b38ce7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5422
Cache-Control: max-age=147858
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Etag: "642c1b5e-1d7"
Expires: Thu, 06 Apr 2023 14:13:32 GMT
Last-Modified: Tue, 04 Apr 2023 12:43:10 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/identify_08840.js
95.101.10.128200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_08840.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash b638549310f9fa7c551c832cf6367679
6729fef9be19ba25038bdc8f1988d3a8f37b2a9b
34d86c5f082f540cf905e90ca4577357a77acb6d87799188abcb92a616b2f9e5
GET /i18n/pixel/static/identify_08840.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Cookie: _ttp=2Nyi7EskozJyMYjwXjUoITyVbSc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202303281506462CB5149419CF7A5630CF
x-tt-trace-host: 014ee04bc3b7bbba901d3d50b857ab37ddfad910a198a15549d8d2ba1a5b9aae95586f31d5aa7b91eb08fb3f70a3f4e8dfe09d2a4160ccc89a8938bf986db9fd998b030931be4b3aade7e7092d8a4f9a34e79646de739aa869716dbf44d2bb3294
content-encoding: gzip
content-length: 30616
date: Tue, 04 Apr 2023 21:09:14 GMT
x-cache: TCP_MEM_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
x-akamai-request-id: 549889ed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 274780afcb4fbc5f81feba1c5d99add3
c26412d591486507f86c9c310a2b1cc62ddd8e76
2baa6a831f9856ee6b02859c3681a5a0d0e9dc361c60d04580b9f893fc06802c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 56c71eaf36368e415c26682707de1f4b
11fa3f31278035c07813bf6f17361ac20442c900
a86434a20450dfd2b7787c1759e2e9b502bc89cf579fed44e6e698b27fc90203
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=crezu.mx
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=crezu.mx
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.mx HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Apr 2023 21:09:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=crezu.mx
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=crezu.mx
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.mx HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Apr 2023 21:09:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 895
Origin: https://crezu.mx
Connection: keep-alive
Referer: https://crezu.mx/
Cookie: _ttp=2Nyi7EskozJyMYjwXjUoITyVbSc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230404210914BABFCD3DEFE126134822
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6d762dd76eaaf24a3f1d39c6cbdbf9bb09324630d552232109ae96ac11480f28a0299ad0b575d687c2b298c9339d441ec7e3ebf6ab01d41938b11f7004219d46a9e446070d69da1153223f541a23d37a8
expires: Tue, 04 Apr 2023 21:09:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Apr 2023 21:09:14 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=65, cdn-cache; desc=MISS, edge; dur=7, origin; dur=156
x-origin-response-time: 157,95.101.10.124
x-akamai-request-id: 549889f7
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 916
Origin: https://crezu.mx
Connection: keep-alive
Referer: https://crezu.mx/
Cookie: _ttp=2Nyi7EskozJyMYjwXjUoITyVbSc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023040421091480AB4021265A33ECBAAF
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb614aaf58061e7e31aca0a3667efd5b7b3d7f543b1544f3b52fad4d963eda6a5a42378436573655f03f95c79ecc6f3654adda1c21fbc445f8a3b0db6bcdef92cf966ac43fc76fcbf22ea46ca6ee8a6c6bf1f19db13fdca7cd265d237e62357b928
x-origin-response-time: 45,23.220.106.76
x-akamai-request-id: 6648b8c7.549889f5
expires: Tue, 04 Apr 2023 21:09:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Apr 2023 21:09:14 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-cache-remote: TCP_MISS from a23-220-106-76.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=130, origin; dur=45, inner; dur=20
x-parent-response-time: 169,95.101.10.124
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a6ff04bc2025740f1bd615b1563d7c8
16a7f9d3e6d5e6c780e439542c7080ef95784efb
d5665dd82fe0dd9e14d7acb6c073a553252b79af0f6a443f54d04415faace503
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5665DD82FE0DD9E14D7ACB6C073A553252B79AF0F6A443F54D04415FAACE503"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Wed, 05 Apr 2023 03:08:27 GMT
Date: Tue, 04 Apr 2023 21:09:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 274780afcb4fbc5f81feba1c5d99add3
c26412d591486507f86c9c310a2b1cc62ddd8e76
2baa6a831f9856ee6b02859c3681a5a0d0e9dc361c60d04580b9f893fc06802c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2224d39f113ee4614933fb6aea551034
e30b6f99b3b8e3ec72762a0fcffccb6e2458ebde
63f6cd091b91e6660d3bdd911b2d6c0ccf7c8f6a36e6b285a2912af078e4e98b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63F6CD091B91E6660D3BDD911B2D6C0CCF7C8F6A36E6B285A2912AF078E4E98B"
Last-Modified: Tue, 04 Apr 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 05 Apr 2023 03:09:14 GMT
Date: Tue, 04 Apr 2023 21:09:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 56c71eaf36368e415c26682707de1f4b
11fa3f31278035c07813bf6f17361ac20442c900
a86434a20450dfd2b7787c1759e2e9b502bc89cf579fed44e6e698b27fc90203
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
events.crezu.net/api/event
35.240.92.105204 No Content 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crezu.mx/
Origin: https://crezu.mx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:14 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
events.crezu.net/api/event
35.240.92.105201 Created 0 B URL HTTP/1.1 events.crezu.net/api/event
IP 35.240.92.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://crezu.mx
Content-Length: 311
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Apr 2023 21:09:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ef377e4c23e8d27b59aa52f66bc76b7f
450c795c12f1b3fd33e796b561f58bbfbcd7f931
cf6bd293576e0955d5f8350b3e75b45165de09fa8dfcd3b50c2b614f3c3f3008
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8318be4633e5bd7ed8b010dced813a61
bf8c3a8932684e7e2cabe13dc40ed71b710829ec
add9922dfdcf26c07d9a286e529332fa488099e9c7029ca62b658434e4e987c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=crezu.mx&callback=_gfp_s_&client=ca-pub-7720460051430832
142.250.74.66200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=crezu.mx&callback=_gfp_s_&client=ca-pub-7720460051430832
IP 142.250.74.66:0
File type ASCII text, with very long lines (383), with no line terminators
Hash 2c9ddc93552550219c99145dc67847ec
7420175a34d33e7c7fc89ad4898fb74fd8f0eb95
b064b5e072e5800f35642fb74e2674a005df3677f94d49ba1dd8ae1efd46e511
GET /gampad/cookie.js?domain=crezu.mx&callback=_gfp_s_&client=ca-pub-7720460051430832 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Apr 2023 21:09:14 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&gjid=2099203995&_gid=1318239277.1680642554&_u=YADAAEAAAAAAACAAI~&z=2027041021
64.233.161.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&gjid=2099203995&_gid=1318239277.1680642554&_u=YADAAEAAAAAAACAAI~&z=2027041021
IP 64.233.161.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&gjid=2099203995&_gid=1318239277.1680642554&_u=YADAAEAAAAAAACAAI~&z=2027041021 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://crezu.mx
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://crezu.mx
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Apr 2023 21:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ef377e4c23e8d27b59aa52f66bc76b7f
450c795c12f1b3fd33e796b561f58bbfbcd7f931
cf6bd293576e0955d5f8350b3e75b45165de09fa8dfcd3b50c2b614f3c3f3008
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-8PMFQDPCNZ>m=45je3430&_p=570131699&cid=373496429.1680642554&ul=en-us&sr=1280x1024&_s=1&sid=1680642553&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20Crezu&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8PMFQDPCNZ>m=45je3430&_p=570131699&cid=373496429.1680642554&ul=en-us&sr=1280x1024&_s=1&sid=1680642553&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20Crezu&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8PMFQDPCNZ>m=45je3430&_p=570131699&cid=373496429.1680642554&ul=en-us&sr=1280x1024&_s=1&sid=1680642553&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20Crezu&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.mx
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://crezu.mx
date: Tue, 04 Apr 2023 21:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98437f675562ae2af8df0fdaf1369f43
c4deaf8e798062e62d94f95268b5164ff40ebced
ee9c92d96eb1f6214f6bf42b234bc144d0cada1746fbd94ee8b595d8b765165b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&_u=YADAAEAAAAAAACAAI~&z=817258920
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&_u=YADAAEAAAAAAACAAI~&z=817258920
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&_u=YADAAEAAAAAAACAAI~&z=817258920 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 21:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8318be4633e5bd7ed8b010dced813a61
bf8c3a8932684e7e2cabe13dc40ed71b710829ec
add9922dfdcf26c07d9a286e529332fa488099e9c7029ca62b658434e4e987c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crezu.mx/img/financial-services-mobil.webp
34.94.124.239200 OK 42 B URL HTTP/2 crezu.mx/img/financial-services-mobil.webp
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /img/financial-services-mobil.webp HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: image/webp
last-modified: Tue, 28 Mar 2023 19:04:34 GMT
vary: Accept-Encoding
etag: W/"64233a42-15d3e"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=461067334443962&ev=PageView&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554574&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=461067334443962&ev=PageView&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554574&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=461067334443962&ev=PageView&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554574&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 04 Apr 2023 21:09:14 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=461067334443962&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554576&cd[positions]=9&cd[source]=mx-sms-welcome-click-trigger-2&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=461067334443962&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554576&cd[positions]=9&cd[source]=mx-sms-welcome-click-trigger-2&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=461067334443962&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554576&cd[positions]=9&cd[source]=mx-sms-welcome-click-trigger-2&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 04 Apr 2023 21:09:14 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f16c41317989bf50e17550073112d150
c5e9f13f10a84be7966555d7f5b791c69a1ab1e2
996b02c714036abfaea1c558137476408db055ba0531b56bdddcda6eef4ef2ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 04 Apr 2023 21:09:15 GMT
expires: Tue, 04 Apr 2023 21:09:15 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=crezu.mx
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=crezu.mx
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.mx HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Apr 2023 21:09:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.mx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 15:47:53 GMT
expires: Wed, 03 Apr 2024 15:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 19282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9209152015bce63ee2d21cc0d966532
7fb6b50059f25e76e0acd9f8ced75095ba7474fe
e3d734e1657051dfd33351e97078cf4e5210332ac63e0b104ff73e913011f024
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crezu.mx/_nuxt/abf7e57.modern.js
34.94.124.239200 OK 81 kB URL HTTP/2 crezu.mx/_nuxt/abf7e57.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 6326c4e5178d29a31834809c40b1d029
197114176d72e8888d5a45281e8cb32a27ae1b57
e83ecb561d01c1b85bbd4ec03b4c66baac171f595b7cb2dd50edfa122122e5c7
GET /_nuxt/abf7e57.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-3c713"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4741fb0e250c9bcfbf5ecf935786156a
b5ee9286de89da804036335ad071bcdf0bd69b6f
0273c45d6b16ec9f44aef454cfcc190ac3e953899347c346effb38e335806309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms
142.250.74.35200 OK 4.4 kB URL HTTP/2 www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1896)
Hash b3436ba414ed1e3dd52d27d2615248fe
d0dbe98ae2de68b004a01343f30b7d188be737ac
bfea2699b11e33fbe252a43746fe0ead96f968ab3114bc179495d2c86dcdcaab
GET /mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4409
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 00:24:00 GMT
expires: Mon, 03 Jul 2023 00:24:00 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 03 Apr 2023 20:59:49 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 74715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.0 kB URL HTTP/2 www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (1752)
Hash 07c75960da93c41a144431cd0956ca6c
67822e2868de29ac11dcd457d6feef75276639f2
97b39a7ddbd391846fc4ceb7aa6aad3e68b5a9c863e474b2dd4cb4d9619f8b81
GET /mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 00:24:00 GMT
expires: Mon, 03 Jul 2023 00:24:00 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 03 Apr 2023 20:59:49 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 74715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 50 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3413)
Hash 808cdff23bfa39cf36fd83f53938175e
74727d19b0f2eff8a94b1d8a186ec4745cfde233
87293cd737b39a1b59353101584ca3af1c980ecbd135284de0528e4c18e3b496
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
timing-allow-origin: *
content-length: 49602
date: Tue, 04 Apr 2023 21:09:15 GMT
expires: Tue, 04 Apr 2023 21:09:15 GMT
cache-control: private, max-age=3000
etag: "1680521770904888"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9209152015bce63ee2d21cc0d966532
7fb6b50059f25e76e0acd9f8ced75095ba7474fe
e3d734e1657051dfd33351e97078cf4e5210332ac63e0b104ff73e913011f024
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.74200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.74:0
Hash 5856b95e51dc1884041c6b76fb034841
59f9ac26b786f5a72fdeb0c3f62d8870633d8f4d
ab40d77f2dfba58552e2d5068f2a72a771ed74745396b769e659248ff964e1de
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 21:09:15 GMT
date: Tue, 04 Apr 2023 21:09:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
crezu.mx/_nuxt/static/1680030274/manifest.js
34.94.124.239200 OK 0 B URL HTTP/2 crezu.mx/_nuxt/static/1680030274/manifest.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /_nuxt/static/1680030274/manifest.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:39 GMT
vary: Accept-Encoding
etag: W/"64233a47-316"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
34.94.124.239200 OK 0 B URL HTTP/2 crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9= HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:10 GMT
content-type: text/html
last-modified: Tue, 28 Mar 2023 19:04:38 GMT
vary: Accept-Encoding
etag: W/"64233a46-99f8"
expires: Tue, 04 Apr 2023 21:09:09 GMT
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.mx/_nuxt/static/1680030274/landing/offers/payload.js
34.94.124.239200 OK 0 B URL HTTP/2 crezu.mx/_nuxt/static/1680030274/landing/offers/payload.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /_nuxt/static/1680030274/landing/offers/payload.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:36 GMT
vary: Accept-Encoding
etag: W/"64233a44-50"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.mx/_nuxt/2f28288.modern.js
34.94.124.239200 OK 0 B URL HTTP/2 crezu.mx/_nuxt/2f28288.modern.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /_nuxt/2f28288.modern.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5&sub6=833&sub7&sub8&sub9
Connection: keep-alive
Cookie: i18n_redirected=MX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:13 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:35 GMT
vary: Accept-Encoding
etag: W/"64233a43-3627"
expires: Wed, 03 Apr 2024 21:09:13 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
crezu.mx/_nuxt/static/1680030274/landing/offers/state.js
34.94.124.239200 OK 0 B URL HTTP/2 crezu.mx/_nuxt/static/1680030274/landing/offers/state.js
IP 34.94.124.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /_nuxt/static/1680030274/landing/offers/state.js HTTP/1.1
Host: crezu.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 21:09:11 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 19:04:36 GMT
vary: Accept-Encoding
etag: W/"64233a44-15a"
expires: Wed, 03 Apr 2024 21:09:11 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2