crz.su/BAWxYovu
301 Moved Permanently 194 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ec0f2d6d8da7997a10f72a2537729e59
d6b8ca36f266d92775f5b757e65b8c10c747c30a
95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /BAWxYovu HTTP/1.1
Host: crz.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:22 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://crz.su/BAWxYovu
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Sun, 29 Jan 2023 04:16:54 GMT
Date: Sun, 29 Jan 2023 03:02:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2203
Expires: Sun, 29 Jan 2023 03:39:05 GMT
Date: Sun, 29 Jan 2023 03:02:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 02:43:07 GMT
content-type: application/json
age: 1155
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16831
Expires: Sun, 29 Jan 2023 07:42:53 GMT
Date: Sun, 29 Jan 2023 03:02:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kn/sQt0O3jNxXUsMT+/JkQmDpU4jYn81k4TCnrUi6DkAYbPTR/Y8ShTMKhnHN3C0M2IawyCMKjM=
x-amz-request-id: 5KMD4FZ8JXNSZECR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 02:21:13 GMT
age: 2469
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:02:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5230959c007540fa4f79c4370bc339e3
5382aa89edfa5031488aae25ddf6f675bc0a50d1
ba24649929f62579a7729cb02d8e60783749663e15c13fa9dab73bf7874bf462
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA24649929F62579A7729CB02D8E60783749663E15C13FA9DAB73BF7874BF462"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 09:02:23 GMT
Date: Sun, 29 Jan 2023 03:02:23 GMT
Connection: keep-alive
crz.su/BAWxYovu
302 Found 10 B IP
File type ASCII text, with no line terminators
Hash a8e03540dce77ac5043211d114328eb8
d7ddfe518c491af3a0dc594fa6890ae3dbd45a7b
2df1e0cd7190e6485b41ba12f0a445a2422a720cc97e6419160206383a481c5c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /BAWxYovu HTTP/1.1
Host: crz.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 10
Connection: keep-alive
Location: https://sl.crezu.pl/crm?lead_id=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&landing=offers
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 02:49:03 GMT
age: 800
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3209
Expires: Sun, 29 Jan 2023 03:55:52 GMT
Date: Sun, 29 Jan 2023 03:02:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f6593b705bc5800a01bf29e76e7ade5
79b9b9f06e91c41927ae058c4fce0b86f752a8e1
4362334ce6bea4da52ab7b10f83acdd472850d89d1b3bb02522a07470534b907
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4362334CE6BEA4DA52AB7B10F83ACDD472850D89D1B3BB02522A07470534B907"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Sun, 29 Jan 2023 09:01:32 GMT
Date: Sun, 29 Jan 2023 03:02:23 GMT
Connection: keep-alive
sl.crezu.pl/crm?lead_id=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&landing=offers
302 Found 10 B URL HTTP/1.1 sl.crezu.pl/crm?lead_id=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&landing=offers
IP
File type ASCII text, with no line terminators
Hash a8e03540dce77ac5043211d114328eb8
d7ddfe518c491af3a0dc594fa6890ae3dbd45a7b
2df1e0cd7190e6485b41ba12f0a445a2422a720cc97e6419160206383a481c5c
GET /crm?lead_id=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&landing=offers HTTP/1.1
Host: sl.crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 10
Connection: keep-alive
Location: https://track.crezu.net/click?offer_id=466&sub1=759eb5aa7ab340f68171a8e2e8afc866&pid=2&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub6=156&sub4=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oO5QWEkpMPAPByzhOqq+KQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oFw9qavSHwIzjpAd5KJwD/lfT+g=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674961030832%22
200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674961030832%22
IP
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash 8d6a73f64d1c131f0890f5d2e510e681
d7fbdcfb84d496717feff4c00b4bd961729f6f26
5ec97403e02d0b8d62181f332acc7fc31bb766c6adfc1fa8f5eeb2b6b47404d2
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221674961030832%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Sun, 29 Jan 2023 03:02:19 GMT
last-modified: Sun, 29 Jan 2023 02:57:10 GMT
content-type: application/json
age: 5
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 924f3596d83033d88c85b6ba0b1e16a6
60ee4b567e24522e797e241e4a52809464ebc5db
b458da2ff5190bde2ca7f0644b304a0ad7af36da4dd7b804597b1f8354df24e5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 04:31:36 GMT
Expires: Sat, 04 Feb 2023 04:31:35 GMT
Etag: "60ee4b567e24522e797e241e4a52809464ebc5db"
Cache-Control: max-age=523150,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eba902e2db4ee-OSL
track.crezu.net/click?offer_id=466&sub1=759eb5aa7ab340f68171a8e2e8afc866&pid=2&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub6=156&sub4=0
302 Found 0 B URL HTTP/2 track.crezu.net/click?offer_id=466&sub1=759eb5aa7ab340f68171a8e2e8afc866&pid=2&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub6=156&sub4=0
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=466&sub1=759eb5aa7ab340f68171a8e2e8afc866&pid=2&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub6=156&sub4=0 HTTP/1.1
Host: track.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 03:02:24 GMT
content-length: 0
location: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d5e1c06aa21800014fe1f8; expires=Mon, 29 Jan 2024 03:02:24 GMT; secure; SameSite=None
afoffers={"466":1674961344}; expires=Mon, 29 Jan 2024 03:02:24 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
200 OK 8.9 kB URL HTTP/1.1 crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26032)
Hash 2f900da7515316311d5b24c0c6417baf
b026054c4ce177a394e1f838833345d125a27d63
f4cd514a932317252314b048d6b0b5184605b5329e47a4dd92b0010201f87a5e
GET /landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9= HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: text/html
Last-Modified: Fri, 06 Jan 2023 09:30:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea51-9389"
Expires: Sun, 29 Jan 2023 03:02:23 GMT
Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
crezu.pl/_nuxt/28fa288.js
200 OK 1.5 kB URL HTTP/1.1 crezu.pl/_nuxt/28fa288.js
IP
File type ASCII text, with very long lines (2849), with no line terminators
Hash 5638811cf79f4ae0605ae9138f60631e
ddee0d09633c4e37d3f7e7cdbba34a38c78a652e
a2b724970ad81c31d20f23e46b2ce4cc30c9feb954bc5d07b1d25133284e5463
GET /_nuxt/28fa288.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-b21"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
crezu.pl/_nuxt/eb1a31d.js
200 OK 380 B URL HTTP/1.1 crezu.pl/_nuxt/eb1a31d.js
IP
File type ASCII text, with very long lines (380), with no line terminators
Hash df2dd4d31ae5df1f1a5f14b49067f36e
79a0c6800158fad4660bd14114a7411de461a762
04b71092c1c762a92470c78906b51f00ba82108263a9f446042a2ed73173b51f
GET /_nuxt/eb1a31d.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Content-Length: 380
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Connection: keep-alive
ETag: "63b7ea4e-17c"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/_nuxt/static/1672997453/landing/offers/payload.js
200 OK 80 B URL HTTP/1.1 crezu.pl/_nuxt/static/1672997453/landing/offers/payload.js
IP
File type ASCII text, with no line terminators
Hash 6c1e7ec9f0064dc589999938dee7431d
33bf67ccb5cbf45b8c7aff851168ada5b6ecd2d1
a7ef29d3fc71e75ad570a2faaa78d65cf17d29c8bffc019145d1d9599e01265d
GET /_nuxt/static/1672997453/landing/offers/payload.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Content-Length: 80
Last-Modified: Fri, 06 Jan 2023 09:30:55 GMT
Connection: keep-alive
ETag: "63b7ea4f-50"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/_nuxt/static/1672997453/manifest.js
200 OK 530 B URL HTTP/1.1 crezu.pl/_nuxt/static/1672997453/manifest.js
IP
File type ASCII text, with very long lines (530), with no line terminators
Hash 1eaa77107a2f1f40db326c92dfaef040
c445d6687246c4cd9e25fa1bf910722f6e1ade62
f3ebb0f5a02b85144e6166e716333e04771792365ce5230246ac5120b9f3b660
GET /_nuxt/static/1672997453/manifest.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Content-Length: 530
Last-Modified: Fri, 06 Jan 2023 09:30:57 GMT
Connection: keep-alive
ETag: "63b7ea51-212"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/_nuxt/3a79763.js
200 OK 4.6 kB URL HTTP/1.1 crezu.pl/_nuxt/3a79763.js
IP
File type ASCII text, with very long lines (21714), with no line terminators
Hash 85d80e49c88da94bcd394a2c360eb99c
6d53517086109b1702d01146eb5141ae166348af
1823b2695568c05900622fcbaf9865545b8f9b6b5526280faf946d35f4b5d78c
GET /_nuxt/3a79763.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-54d2"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
X-Firefox-Early-Data: sent
crezu.pl/_nuxt/static/1672997453/landing/offers/state.js
200 OK 9.2 kB URL HTTP/1.1 crezu.pl/_nuxt/static/1672997453/landing/offers/state.js
IP
File type Unicode text, UTF-8 text, with very long lines (21175), with no line terminators
Hash a068a16085f6771e6e9aa28083b4de9a
1addee2734028cb23e848ac2dc1f14886c758a22
5f95b53c6567d6f7e74eb5b48fb3db7e1e61a5edb66237b695cdaedc6b2a5252
GET /_nuxt/static/1672997453/landing/offers/state.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4f-5699"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
X-Firefox-Early-Data: sent
crezu.pl/_nuxt/6bbdbe8.js
200 OK 93 kB URL HTTP/1.1 crezu.pl/_nuxt/6bbdbe8.js
IP
File type ASCII text, with very long lines (65485)
Hash 17a28450b5f15da065a19910d3f0b341
7a4dfc9b8625e33fa32ccde392b6f2fe8263f19e
fefe7540fad4ab9e79602cc77d1bc7020856042a7865ffc96de5ed3e1deb0590
GET /_nuxt/6bbdbe8.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-44803"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
X-Firefox-Early-Data: sent
crezu.pl/_nuxt/b7373f7.js
200 OK 92 kB URL HTTP/1.1 crezu.pl/_nuxt/b7373f7.js
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (62927), with no line terminators
Hash 7d313cf62b0e7f16dd8aafb21e6b81b0
0cd3ca4643b95c542b1332daaf4398a8eca74ad6
ae9c0350c50806b78671166197a3fb96123edcf5efb0fda76748ad8b1309161f
GET /_nuxt/b7373f7.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-4e6be"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
X-Firefox-Early-Data: sent
crezu.pl/_nuxt/0262757.js
200 OK 154 kB URL HTTP/1.1 crezu.pl/_nuxt/0262757.js
IP
File type ASCII text, with very long lines (65485)
Size 154 kB (153517 bytes)
Hash 90cbecc2cc1d350dda84602d0b169253
d2cb0ecb8a2c5ca1cc0878e71850e4eaae3ff301
c1948c512c25ad8c8a32bd2e7d327cb09a626b1dbff68e8fca2534d407e27245
GET /_nuxt/0262757.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-7c91e"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
X-Firefox-Early-Data: sent
crezu.pl/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2
200 OK 100 kB URL HTTP/1.1 crezu.pl/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 99572, version 1.0\012- data
Hash 52ea0d7008516c101595f81d37225889
6730d0f88794957b23d45148e162773485744235
b8da67821e588e3ee5516083d99f1d9907c23a24fcb52dfb3c57cd38924dcef7
GET /fonts/SF_Pro_Display/SFProDisplay-Medium.woff2 HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: font/woff2
Content-Length: 99572
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Connection: keep-alive
ETag: "63b7ea4e-184f4"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
crezu.pl/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2
200 OK 99 kB URL HTTP/1.1 crezu.pl/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 98712, version 1.0\012- data
Hash 33802914271ef3d489d31399a5c8c3af
cfb1f5ce8dff071fb09c9545a4b72b9465da3fbe
32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005
GET /fonts/SF_Pro_Display/SFProDisplay-Bold.woff2 HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: font/woff2
Content-Length: 98712
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Connection: keep-alive
ETag: "63b7ea4e-18198"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 38930
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 03:16:34 GMT
age: 85551
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 73170
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6021d6a06bff2826eb341747e82484f7
a817ff1ba206234627706551820d0d9856b398de
f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11624
x-amzn-requestid: 09cf15e8-9e34-48d8-98e6-f698e3db09a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIhl7Hv7oAMFozg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce2f2-0c3acc173da3ccf164b4c412;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:17:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0-OYl8IX1kTRNxA8_kGXbD-yV4DeqDgN4qkCcvKxTW7VVz2FTQgalw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 73170
etag: "a817ff1ba206234627706551820d0d9856b398de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d617843cc1f7df21950fe7d4add160
4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9
facb5e8beed1bf0b0ae02cba77278767f211717097803b3966312dfe0822646b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7790
x-amzn-requestid: 19b7ae0c-7ce9-4d01-96c3-9259e6f2b1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88xFpKIAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-0d4a98a74200cb962d434f82;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORGO0m0bJJzpWpxLCewm0J1vp8khEZlPzL58syBdlhyQniN8em5Qzg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:11 GMT
age: 18554
etag: "4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 22569
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crezu.pl/favicon.svg
200 OK 816 B IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1425)
Hash c64316d4a1ce5ba97b54eef2cf7a1a85
eeaee27f8c1485f8348db25e6bc38d908cd68242
1ff1d8e11755d400a2584ba3f1b08a48e23c3f1341f07f24b74086d3aeb689c3
GET /favicon.svg HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Cookie: i18n_redirected=PL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: image/svg+xml
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-629"
Expires: Mon, 29 Jan 2024 03:02:25 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
crezu.pl/_nuxt/e17529a.js
200 OK 2.5 kB URL HTTP/1.1 crezu.pl/_nuxt/e17529a.js
IP
File type ASCII text, with very long lines (6814), with no line terminators
Hash a7dfc79443c262d8c3f8a8c1767c6841
13895171650a35f52104d20339d52d073beb2406
977cf3443c45ec612194904c4f01d94949f0d3ed0566e11c644fe93c3867bac5
GET /_nuxt/e17529a.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 09:30:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4e-1a9e"
Expires: Mon, 29 Jan 2024 03:02:25 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
crezu.pl/_nuxt/static/1672997453/payload.js
200 OK 66 B URL HTTP/1.1 crezu.pl/_nuxt/static/1672997453/payload.js
IP
File type ASCII text, with no line terminators
Hash 2fdf26e41c54a3b19b3585bf503c9269
fe9f39f0cb018c5ca786985e3a57c1a3bd4b8880
8c410f0cd0ba160363ead57587ffbfc23d7236dbccf4eb73c754b140ee0b5d7c
GET /_nuxt/static/1672997453/payload.js HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/javascript
Content-Length: 66
Last-Modified: Fri, 06 Jan 2023 09:30:55 GMT
Connection: keep-alive
ETag: "63b7ea4f-42"
Expires: Mon, 29 Jan 2024 03:02:25 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
ocsp.sectigo.com/
200 OK 472 B IP
Hash af1800754407bed651dcffc5c36713d2
c97fce5d6724975dbf735df213afe72cb1f507be
54587ee0805a8081d7804e71ffd519db938873829b109886b0ed042010316ec6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:40:18 GMT
Expires: Wed, 01 Feb 2023 15:40:17 GMT
Etag: "c97fce5d6724975dbf735df213afe72cb1f507be"
Cache-Control: max-age=304071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eba97a9b6b4ee-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash af1800754407bed651dcffc5c36713d2
c97fce5d6724975dbf735df213afe72cb1f507be
54587ee0805a8081d7804e71ffd519db938873829b109886b0ed042010316ec6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:40:18 GMT
Expires: Wed, 01 Feb 2023 15:40:17 GMT
Etag: "c97fce5d6724975dbf735df213afe72cb1f507be"
Cache-Control: max-age=304071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eba97a898b4ed-OSL
cdn.crezu.net/offers/dist/offers.iife.js
200 OK 50 kB URL HTTP/2 cdn.crezu.net/offers/dist/offers.iife.js
IP
File type ASCII text, with very long lines (56121)
Hash 35b6f26345cc4da6835844bc08492ff4
31e76f9cab68fc97915f25a56e1065f434bd89a3
61f320ab5542412679476dba444653e617c373082c737c954820f816a2197cce
GET /offers/dist/offers.iife.js HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 49788
date: Fri, 27 Jan 2023 19:41:20 GMT
expires: Fri, 03 Feb 2023 19:41:20 GMT
cache-control: max-age=604800,public
age: 112865
last-modified: Fri, 27 Jan 2023 09:34:07 GMT
etag: W/"63d39a8f-25e4a"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.crezu.net/offers/dist/style.css
200 OK 7.6 kB URL HTTP/2 cdn.crezu.net/offers/dist/style.css
IP
File type ASCII text, with very long lines (50504)
Hash 1da2c8b6ea67cf670534c1e080f507cc
0a07aa9406f7bed14844403f69fcd582e8a457be
5394b83c848ffe9a9565ec2bf92840bd64ae24d58f8c346994c816dfd2c861c6
GET /offers/dist/style.css HTTP/1.1
Host: cdn.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 7560
date: Fri, 27 Jan 2023 19:41:20 GMT
expires: Fri, 03 Feb 2023 19:41:20 GMT
cache-control: max-age=604800,public
age: 112865
last-modified: Wed, 25 Jan 2023 09:10:33 GMT
etag: W/"63d0f209-c549"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash af1800754407bed651dcffc5c36713d2
c97fce5d6724975dbf735df213afe72cb1f507be
54587ee0805a8081d7804e71ffd519db938873829b109886b0ed042010316ec6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:40:18 GMT
Expires: Wed, 01 Feb 2023 15:40:17 GMT
Etag: "c97fce5d6724975dbf735df213afe72cb1f507be"
Cache-Control: max-age=304071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eba9839f4b4ee-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash af1800754407bed651dcffc5c36713d2
c97fce5d6724975dbf735df213afe72cb1f507be
54587ee0805a8081d7804e71ffd519db938873829b109886b0ed042010316ec6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:40:18 GMT
Expires: Wed, 01 Feb 2023 15:40:17 GMT
Etag: "c97fce5d6724975dbf735df213afe72cb1f507be"
Cache-Control: max-age=304071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eba97ad51b52d-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M35GBQ7
200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M35GBQ7
IP
File type ASCII text, with very long lines (3085)
Hash abfcbb4ca374e167bc76fd2718a752b4
bd12fc271f2d147323d46947ff52a5ac46ae9d3d
aeace1ba29a09dacb89214f605abe0f1b76fb5904b11f61cbf227e664543d482
GET /gtm.js?id=GTM-M35GBQ7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 03:02:25 GMT
expires: Sun, 29 Jan 2023 03:02:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
crezu.pl/img/financial-services-mobil.webp
200 OK 472 B URL HTTP/1.1 crezu.pl/img/financial-services-mobil.webp
IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
GET /img/financial-services-mobil.webp HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5=&sub6=156&sub7=&sub8=&sub9=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:24 GMT
Content-Type: image/webp
Last-Modified: Fri, 06 Jan 2023 09:30:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4d-15d3e"
Expires: Mon, 29 Jan 2024 03:02:24 GMT
Cache-Control: max-age=31536000
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 130b3ff4163abb38ef0e41138ba485ad
1454594a3969fa6487c8b4c6e708a3f063eba7c0
4931cb9cc027b2b403a9fcffb8a8a652d15ceb4bee5c567d6dfe58b02cc4d5ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4931CB9CC027B2B403A9FCFFB8A8A652D15CEB4BEE5C567D6DFE58B02CC4D5AC"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5660
Expires: Sun, 29 Jan 2023 04:36:45 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sl.crezu.net/sl-feed?lead_id=759eb5aa7ab340f68171a8e2e8afc866&page=landing-offers&direction=swap
200 OK 85 B URL HTTP/1.1 sl.crezu.net/sl-feed?lead_id=759eb5aa7ab340f68171a8e2e8afc866&page=landing-offers&direction=swap
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash de1f4e47f078041c2d212b141b159195
7481d466d526e2c74b28c17efedc64e0f6255529
7ad1727e56e738fe5fd9c4917f482ad1a45dc05000cf5d4d82bdd953dfb2e346
GET /sl-feed?lead_id=759eb5aa7ab340f68171a8e2e8afc866&page=landing-offers&direction=swap HTTP/1.1
Host: sl.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:25 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 85
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3649)
Hash 48aedb67f801bd64f934a88fe739aa71
bbca741c102a492970a71937dc7884f2e5ceae5f
15fc15a1564bdd8a44fd6afd227170a62cd1b6695ca031496a76a22bf77392fe
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Jan 2023 03:02:25 GMT
expires: Sun, 29 Jan 2023 03:02:25 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1769875171284261204
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8725f64752110c399a49352b67b692c2
116a83377c871fca5407d63cb571d1bfcb04e6b1
ba10ed07472c27ed6e12cd193e70b5df74ac2c2c1fbb9f8ae969347293af4f37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA10ED07472C27ED6E12CD193E70B5DF74AC2C2C1FBB9F8AE969347293AF4F37"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18613
Expires: Sun, 29 Jan 2023 08:12:38 GMT
Date: Sun, 29 Jan 2023 03:02:25 GMT
Connection: keep-alive
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMAAN3C77U9BMO6UE4G&lib=ttq
200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMAAN3C77U9BMO6UE4G&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2663)
Hash b57e330aa949d6e50a7313c69ad59c4b
72dbbd5f34ff9ae46bb2ccfd0aa22a08f685e0a1
17ca90e139d2a2e8ae34378cbafe352dba3596c41b1928903e46e875c9f26a88
GET /i18n/pixel/events.js?sdkid=CDMAAN3C77U9BMO6UE4G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230129030226EAFB51B42DE0ED25180E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cfb732c4f665d1f3ac58070fc5989b2f62083beb8f24d51650e99f10ea88fcdc00c535cc9e21a6d6a609ed11b370558a4d63ddd3e6bf2ca3c40d28a6f40ac945b4a6e0e718a862b63cc53024295c30cd68
content-encoding: gzip
content-length: 1313
x-origin-response-time: 54,23.194.131.36
x-akamai-request-id: 1bb84e73.4d879144
expires: Sun, 29 Jan 2023 03:02:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 03:02:26 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KyyvPyAGvyCrUlES6dmGqFlqYZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-194-131-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=54, inner; dur=3
x-parent-response-time: 155,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 09e9bdc02bd94387901641c0b3a1f8f0
7bf30498ae27e11f7fc60b438b090f15b67ca113
d8f79f755ae4e42d98623589e5e6420342ce199553a3b7b7713caaaec65117e9
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Cookie: _ttp=2KyyvPyAGvyCrUlES6dmGqFlqYZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023011217582238FCAA3D419588756972
x-tt-trace-host: 01e57b2566233939c0b7a614d728f3c137bda4b6e8ffed077a25e96861feda11fa551f058721a274fc4605886b55ca626730a56b385a942b4129028dfc561d0b618d751524aad0a4ae27ef533e55d2e8e40a3ad2aaa7ba995375ace641e8e6ae3a
content-encoding: gzip
date: Sun, 29 Jan 2023 03:02:26 GMT
content-length: 68605
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 4d879187
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcab8baa18c9beb329fcfc9e2a4bbad8
0b38fe9291b4f3d5c5730bd4f97ff21aeb480da1
0f61fe397b26c31fd203dcc03bd146b06c33550db40886eb7dc6884357d16787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F61FE397B26C31FD203DCC03BD146B06C33550DB40886EB7DC6884357D16787"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Sun, 29 Jan 2023 09:01:41 GMT
Date: Sun, 29 Jan 2023 03:02:26 GMT
Connection: keep-alive
events.crezu.net/api/event
204 No Content 0 B URL HTTP/1.1 events.crezu.net/api/event
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crezu.pl/
Origin: https://crezu.pl
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:26 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Cookie: _ttp=2KyyvPyAGvyCrUlES6dmGqFlqYZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Sun, 29 Jan 2023 03:02:26 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 4d8791b9
X-Firefox-Spdy: h2
events.crezu.net/api/event
201 Created 0 B URL HTTP/1.1 events.crezu.net/api/event
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/event HTTP/1.1
Host: events.crezu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crezu.pl/
Content-Type: application/json
Origin: https://crezu.pl
Content-Length: 303
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 29 Jan 2023 03:02:26 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.comodoca.com/
200 OK 471 B IP
Hash 4d2529e0c0c6f7146a3e0b4cf87c3c5b
8b270c03a3644bd040783f2d341c47c6e0fc0ddb
c1c0a900b85b2b671f52cb27ff581e1b60f8ecc87446580d2191f2b39b31ba00
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:38:21 GMT
Expires: Sat, 04 Feb 2023 15:38:20 GMT
Etag: "8b270c03a3644bd040783f2d341c47c6e0fc0ddb"
Cache-Control: max-age=602986,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1428
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790eba9e1d75b511-OSL
ocsp.comodoca.com/
200 OK 471 B IP
Hash 4d2529e0c0c6f7146a3e0b4cf87c3c5b
8b270c03a3644bd040783f2d341c47c6e0fc0ddb
c1c0a900b85b2b671f52cb27ff581e1b60f8ecc87446580d2191f2b39b31ba00
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:02:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:38:21 GMT
Expires: Sat, 04 Feb 2023 15:38:20 GMT
Etag: "8b270c03a3644bd040783f2d341c47c6e0fc0ddb"
Cache-Control: max-age=602986,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1428
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790eba9e1961b505-OSL
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 01:46:59 GMT
expires: Sun, 29 Jan 2023 03:46:59 GMT
cache-control: public, max-age=7200
age: 4527
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2921
Cache-Control: max-age=142178
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:32:04 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 916
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Cookie: _ttp=2KyyvPyAGvyCrUlES6dmGqFlqYZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230129030226EAFB51B42DE0ED25181D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cfb732c4f665d1f3ac58070fc5989b2f62083beb8f24d51650e99f10ea88fcdc00ef91984282ac0cb725bd704c76b4f06b6d01a4b2d309ea54337789cc300c0dc95c7497f406424a15debe14164235ee18
x-origin-response-time: 62,23.194.131.36
x-akamai-request-id: 1bb850d9.4d8791bf
expires: Sun, 29 Jan 2023 03:02:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 03:02:26 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-194-131-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=62, inner; dur=20
x-parent-response-time: 164,23.36.79.28
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: cYmcxjxR9l9HISsKbgX/nzMkqC6dZAw8kUTuFZ4lHp4ubxAwIqdLn6ivwY2/ub5OOtbPaGuFVKS/ka46rLMujA==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 03:02:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2921
Cache-Control: max-age=142178
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:32:04 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 886
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Cookie: _ttp=2KyyvPyAGvyCrUlES6dmGqFlqYZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301290302261504552939FF0A2E8936
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf1062bdf824432049410721e581ec9d4232f1db22fe21eae6f4b6f7a27c1b216d2c7452ce779778bfc2fbec0c72a0165c43b65753fcfd1313bd3ba518e97e389a17d28e69d51a44272b2d1e693ec26f04
x-origin-response-time: 152,23.194.131.30
x-akamai-request-id: 739f4d8.4d8791c0
expires: Sun, 29 Jan 2023 03:02:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 03:02:26 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-194-131-30.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=152, inner; dur=22
x-parent-response-time: 252,23.36.79.28
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&gjid=608817237&_gid=1272699819.1674961352&_u=YEBAAEAAAAAAACAEK~&z=1163922327
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&gjid=608817237&_gid=1272699819.1674961352&_u=YEBAAEAAAAAAACAEK~&z=1163922327
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&gjid=608817237&_gid=1272699819.1674961352&_u=YEBAAEAAAAAAACAEK~&z=1163922327 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://crezu.pl
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 03:02:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.amplitude.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cross-origin-resource-policy
Referer: https://crezu.pl/
Origin: https://crezu.pl
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:02:26 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: cross-origin-resource-policy
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=crezu.pl
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=crezu.pl
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.pl HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 03:02:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=crezu.pl
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=crezu.pl
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=crezu.pl HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 03:02:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae45eeb8e62398ce3fc49c0234699163
f5506898f66248b331e84b573a010c5c1a8ad0d2
3d298a54e6d0f6e8f6a48a398e372720fb871623080b7408d66f296068ec6ddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 03:02:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-196925302-1&cid=1852793273.1674961352&jid=1582218900&_u=YEBAAEAAAAAAACAEK~&z=2139057595 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 03:02:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.amplitude.com/
200 OK 7 B IP
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 1188
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:02:26 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63d5e1c2-48a319430be9e9a800319245
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae45eeb8e62398ce3fc49c0234699163
f5506898f66248b331e84b573a010c5c1a8ad0d2
3d298a54e6d0f6e8f6a48a398e372720fb871623080b7408d66f296068ec6ddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 622fef0135648b055d1691ae97508eff
535c21115ccc50934d06c70e153df6ae542f1b5c
a66508fe21cab04638a3988ee90babe52167f0399a5440e329cf397182c813b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 03:02:26 GMT
expires: Sun, 29 Jan 2023 03:02:26 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 195536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1041030910146216&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352371&cd[positions]=17&cd[source]=pl-sms-welcome4-crezu&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1041030910146216&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352371&cd[positions]=17&cd[source]=pl-sms-welcome4-crezu&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1041030910146216&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352371&cd[positions]=17&cd[source]=pl-sms-welcome4-crezu&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 03:02:27 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1041030910146216&ev=PageView&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352368&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1041030910146216&ev=PageView&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352368&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1041030910146216&ev=PageView&dl=https%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9&rl=&if=false&ts=1674961352368&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674961352367.293412551&it=1674961351888&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 03:02:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
IP
File type ASCII text, with very long lines (2595)
Hash 22b1107093ffdaf82c67748570c23847
23dfc8f212390c65e14e5429f57808ba23519546
cbbc030a379d4135d1a593fe405ab78879df73eef55d3cb03774cc3b3c27ac82
GET /mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4209
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 05:47:37 GMT
expires: Mon, 24 Apr 2023 05:47:37 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
content-type: text/javascript
age: 422090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight
200 OK 4.5 kB URL HTTP/2 www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight
IP
File type C++ source, ASCII text, with very long lines (1812)
Hash aedf474400722a008158e56e573bc5d0
72656d7103183a1ced0cfe3495612a7a6232d5bb
0ddf3aa087012380c967098be900c1b7ab2e26618375d81d3740f470f3bcd792
GET /mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 05:47:53 GMT
expires: Mon, 24 Apr 2023 05:47:53 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
content-type: text/javascript
age: 422074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP
Hash 2d22e5352cd38d70b780844b407b0cdf
82c5f15fe821a2cbb988fb384674a6e9573e3818
7d64f2960a6113219a715cd91c89cb697a15f25b69b27594066b73bbd55db335
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 03:02:27 GMT
date: Sun, 29 Jan 2023 03:02:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:02:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 217687
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
crezu.pl/svg/done.svg
200 OK 235 B IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 483b9a55052a6fed96ae0c8519e17f79
bbbab9fc2e8fbfd175ea5d9cf1f5aeac9abf75a0
fc52eb0bdcab53c8cdd4e4a03c6958c2c10a179d91eeb601435b1a668b20c735
GET /svg/done.svg HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL; landingOffersVisit={"sub1":"759eb5aa7ab340f68171a8e2e8afc866","sub2":"pl-sms-welcome4-crezu"}; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9; amp_2a3376=_ZkQEFOZTVY_9-fAjBkK8G.NzU5ZWI1YWE3YWIzNDBmNjgxNzFhOGUyZThhZmM4NjY=..1gntnjs91.1gntnk0rk.2.0.2; uuidv4=89fbfd70-c9f7-451c-89a4-442081e1f012; _tt_enable_cookie=1; _ttp=-wZNFUrquLMX2ptVJ5e6CWcX1Tx; _ga=GA1.2.1852793273.1674961352; _gid=GA1.2.1272699819.1674961352; _gat_UA-196925302-1=1; __gads=ID=319f6ad3d9e4aa3f-2298ebffafda0092:T=1674961346:RT=1674961346:S=ALNI_MbbO_VRjivD-af3qvQFoFewOY3kww; __gpi=UID=00000bab9bee3d64:T=1674961346:RT=1674961346:S=ALNI_MZaTvI39KXV2XXJzm52O7OD-kyN2A; _fbp=fb.1.1674961352367.293412551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:30 GMT
Content-Type: image/svg+xml
Content-Length: 235
Last-Modified: Fri, 06 Jan 2023 09:30:53 GMT
Connection: keep-alive
ETag: "63b7ea4d-eb"
Expires: Mon, 29 Jan 2024 03:02:30 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/svg/close-green.svg
200 OK 235 B URL HTTP/1.1 crezu.pl/svg/close-green.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5d59c353f7d574afe69b9e2dd2e990d4
cee4a6ea91a3e79470c3c38aebaabead825a6894
35388c215dad3ef4ce5523aea6900f5c434b4dbee600a9cf35ceea6012507fa3
GET /svg/close-green.svg HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL; landingOffersVisit={"sub1":"759eb5aa7ab340f68171a8e2e8afc866","sub2":"pl-sms-welcome4-crezu"}; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9; amp_2a3376=_ZkQEFOZTVY_9-fAjBkK8G.NzU5ZWI1YWE3YWIzNDBmNjgxNzFhOGUyZThhZmM4NjY=..1gntnjs91.1gntnk0rk.2.0.2; uuidv4=89fbfd70-c9f7-451c-89a4-442081e1f012; _tt_enable_cookie=1; _ttp=-wZNFUrquLMX2ptVJ5e6CWcX1Tx; _ga=GA1.2.1852793273.1674961352; _gid=GA1.2.1272699819.1674961352; _gat_UA-196925302-1=1; __gads=ID=319f6ad3d9e4aa3f-2298ebffafda0092:T=1674961346:RT=1674961346:S=ALNI_MbbO_VRjivD-af3qvQFoFewOY3kww; __gpi=UID=00000bab9bee3d64:T=1674961346:RT=1674961346:S=ALNI_MZaTvI39KXV2XXJzm52O7OD-kyN2A; _fbp=fb.1.1674961352367.293412551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:30 GMT
Content-Type: image/svg+xml
Content-Length: 235
Last-Modified: Fri, 06 Jan 2023 09:30:53 GMT
Connection: keep-alive
ETag: "63b7ea4d-eb"
Expires: Mon, 29 Jan 2024 03:02:30 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/svg/polygon-push.svg
200 OK 308 B URL HTTP/1.1 crezu.pl/svg/polygon-push.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4a083d1e87c754b036ecf93137b2372b
fd3a0d10cf8c1c81cac9898f2f7e9407ad3f7cb0
5b0270cfaec64a3f0b274938da05903c44076025308fff5ed8fefe70b5771362
GET /svg/polygon-push.svg HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL; landingOffersVisit={"sub1":"759eb5aa7ab340f68171a8e2e8afc866","sub2":"pl-sms-welcome4-crezu"}; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9; amp_2a3376=_ZkQEFOZTVY_9-fAjBkK8G.NzU5ZWI1YWE3YWIzNDBmNjgxNzFhOGUyZThhZmM4NjY=..1gntnjs91.1gntnk0rk.2.0.2; uuidv4=89fbfd70-c9f7-451c-89a4-442081e1f012; _tt_enable_cookie=1; _ttp=-wZNFUrquLMX2ptVJ5e6CWcX1Tx; _ga=GA1.2.1852793273.1674961352; _gid=GA1.2.1272699819.1674961352; _gat_UA-196925302-1=1; __gads=ID=319f6ad3d9e4aa3f-2298ebffafda0092:T=1674961346:RT=1674961346:S=ALNI_MbbO_VRjivD-af3qvQFoFewOY3kww; __gpi=UID=00000bab9bee3d64:T=1674961346:RT=1674961346:S=ALNI_MZaTvI39KXV2XXJzm52O7OD-kyN2A; _fbp=fb.1.1674961352367.293412551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:30 GMT
Content-Type: image/svg+xml
Content-Length: 308
Last-Modified: Fri, 06 Jan 2023 09:30:53 GMT
Connection: keep-alive
ETag: "63b7ea4d-134"
Expires: Mon, 29 Jan 2024 03:02:30 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
crezu.pl/img/push-image.png
200 OK 133 kB URL HTTP/1.1 crezu.pl/img/push-image.png
IP
File type PNG image data, 732 x 591, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133249 bytes)
Hash 9bf14dc2958f286587ecdd6c1e0c17ef
a14f750c1b48522eee1e0f0168b8316881fc1a19
cc70f4e8b16f2ff1a1702ffe91b71756728be957de57e3c0561dee4b3c38bb9a
GET /img/push-image.png HTTP/1.1
Host: crezu.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crezu.pl/landing/offers/?sub1=759eb5aa7ab340f68171a8e2e8afc866&sub2=pl-sms-welcome4-crezu&sub3=sl-crm&sub4=0&sub5&sub6=156&sub7&sub8&sub9
Cookie: i18n_redirected=PL; landingOffersVisit={"sub1":"759eb5aa7ab340f68171a8e2e8afc866","sub2":"pl-sms-welcome4-crezu"}; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2023-01-29%2003%3A02%3A30%7C%7C%7Cep%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fcrezu.pl%2Flanding%2Foffers%2F%3Fsub1%3D759eb5aa7ab340f68171a8e2e8afc866%26sub2%3Dpl-sms-welcome4-crezu%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D156%26sub7%26sub8%26sub9; amp_2a3376=_ZkQEFOZTVY_9-fAjBkK8G.NzU5ZWI1YWE3YWIzNDBmNjgxNzFhOGUyZThhZmM4NjY=..1gntnjs91.1gntnk0rk.2.0.2; uuidv4=89fbfd70-c9f7-451c-89a4-442081e1f012; _tt_enable_cookie=1; _ttp=-wZNFUrquLMX2ptVJ5e6CWcX1Tx; _ga=GA1.2.1852793273.1674961352; _gid=GA1.2.1272699819.1674961352; _gat_UA-196925302-1=1; __gads=ID=319f6ad3d9e4aa3f-2298ebffafda0092:T=1674961346:RT=1674961346:S=ALNI_MbbO_VRjivD-af3qvQFoFewOY3kww; __gpi=UID=00000bab9bee3d64:T=1674961346:RT=1674961346:S=ALNI_MZaTvI39KXV2XXJzm52O7OD-kyN2A; _fbp=fb.1.1674961352367.293412551
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 03:02:30 GMT
Content-Type: image/png
Last-Modified: Fri, 06 Jan 2023 09:30:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7ea4d-20dab"
Expires: Mon, 29 Jan 2024 03:02:30 GMT
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
api.amplitude.com/
200 OK 7 B IP
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 1055
Origin: https://crezu.pl
Connection: keep-alive
Referer: https://crezu.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 03:02:30 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63d5e1c6-6d5fa12c0ab2991f1364da54
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
35.187.173.18
35.241.9.150
34.90.63.227
23.36.79.32
157.240.200.14
104.18.32.68
93.184.220.29