turbomobile.site/m/th/s4/
79.98.29.8302 Found 0 B URL HTTP/1.1 turbomobile.site/m/th/s4/
IP 79.98.29.8:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m/th/s4/ HTTP/1.1
Host: turbomobile.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 23 Dec 2022 15:08:30 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //ak.lanopoon.net/4/5087048?var=ar_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4563
Expires: Fri, 23 Dec 2022 16:24:34 GMT
Date: Fri, 23 Dec 2022 15:08:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7603
Expires: Fri, 23 Dec 2022 17:15:14 GMT
Date: Fri, 23 Dec 2022 15:08:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4206
Expires: Fri, 23 Dec 2022 16:18:37 GMT
Date: Fri, 23 Dec 2022 15:08:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 14:34:46 GMT
content-type: application/json
age: 2025
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8DpleOHARDzDdXT3Lp3coczGxysARYXaS6bW1+9D24jLhamSQeStu+NUnfN9YTfMaNKZrCuyQDo=
x-amz-request-id: D8Y2PSSPHSPHCBDB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 14:54:06 GMT
age: 865
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 15:08:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ar_error
95.101.10.27200 OK 9.4 kB URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ar_error
IP 95.101.10.27:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash 5d2ebbc003f5bf2bd7b012777b882f3d
d470aec0c0229930df0b66a2d795d17ef4973d53
437d7f954ef80ed8f02d3fee7bc391a720347cae97dcda1e0859a2717ce3b855
GET /4/5087048?var=ar_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: a6545985146f364c326fd16b8d030218
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Fri, 23 Dec 2022 15:08:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Dec 2022 15:08:31 GMT
Content-Length: 9386
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=f765cbd5caff4ba086abec2e6e5bf059; expires=Sat, 23 Dec 2023 15:08:31 GMT; path=/
oaidts=1671808111; expires=Sat, 23 Dec 2023 15:08:31 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0ddacadc88328d7758710bb7b61f3285
7d1b8c3288f439e8dc576b0d63107528cec9bc01
61485705a3c70b5f4f016ab019acecc6909d8e3d099f192612514f1a7cbbc738
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61485705A3C70B5F4F016AB019ACECC6909D8E3D099F192612514F1A7CBBC738"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Fri, 23 Dec 2022 16:08:53 GMT
Date: Fri, 23 Dec 2022 15:08:31 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=f765cbd5caff4ba086abec2e6e5bf059
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=f765cbd5caff4ba086abec2e6e5bf059
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=f765cbd5caff4ba086abec2e6e5bf059 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ak.lanopoon.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 15:08:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f765cbd5caff4ba086abec2e6e5bf059; expires=Sat, 23 Dec 2023 15:08:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
95.101.10.27302 Moved Temporarily 0 B URL HTTP/1.1 ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
IP 95.101.10.27:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP Win32/Adware.Agent.NSU CnC Activity M2
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 475
Origin: http://ak.lanopoon.net
Connection: keep-alive
Referer: http://ak.lanopoon.net/afu.php?zoneid=5087048&var=5087048&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false
Cookie: OAID=f765cbd5caff4ba086abec2e6e5bf059; oaidts=1671808111
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
X-Trace-Id: 46d79f87fadbd552bd7b80815365df0f
Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.000816&visitor_id=630171496257687974&rdk=rk3
Access-Control-Allow-Origin: http://ak.lanopoon.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Expires: Fri, 23 Dec 2022 15:08:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Dec 2022 15:08:31 GMT
Connection: keep-alive
Set-Cookie: OAID=f765cbd5caff4ba086abec2e6e5bf059; expires=Sat, 23 Dec 2023 15:08:31 GMT; path=/
oaidts=1671808111; expires=Sat, 23 Dec 2023 15:08:31 GMT; path=/
syncedCookie=true; expires=Fri, 30 Dec 2022 15:08:31 GMT; path=/
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4520987e43f1961867ed52d00b1a5dd9
48d26ca30d8f20bb77ba538c92b9bcb1f01e9a25
4865aa67755f602ed0050bb0eb1a5ccc04e63fff4b4d15bce39a3218c925c7a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 15:08:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:07:07 GMT
Expires: Thu, 29 Dec 2022 14:07:06 GMT
Etag: "48d26ca30d8f20bb77ba538c92b9bcb1f01e9a25"
Cache-Control: max-age=514114,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e203595b370b3d-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 15:08:02 GMT
age: 29
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000816&visitor_id=630171496257687974&rdk=rk3
18.193.209.105302 Found 0 B URL HTTP/2 voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000816&visitor_id=630171496257687974&rdk=rk3
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000816&visitor_id=630171496257687974&rdk=rk3 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Dec 2022 15:08:31 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=webcre89i2mlancl27ch1fd6
pragma: no-cache
set-cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=lV2-m61vD4O_xONYqCzXjrnWhJqQd_1tpp0vpCrjc4s; Max-Age=86400; Expires=Sat, 24-Dec-2022 15:08:31 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=3vjJJoWxPqkKDp81ADeVssnM3kaXYvjgpMsq7fgNTzFiioRbHmSm5iW%2BrMbM7TF5mz37QM1vDsgyOn11TVfsb6w2kyfXRkV1vlmnfxxABPLwo%2FTosbXpAhVtMmRDxYKDznRV26noL3kVDf0b76TYqA%3D%3D; Max-Age=31536000; Expires=Sat, 23-Dec-2023 15:08:31 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6330
Cache-Control: max-age=157426
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:31 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:52:17 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=webcre89i2mlancl27ch1fd6
95.101.10.178307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=webcre89i2mlancl27ch1fd6
IP 95.101.10.178:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2052770&bid=5396&clickid=webcre89i2mlancl27ch1fd6 HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 23 Dec 2022 15:08:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 15:08:32 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671808112125)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C20221223158%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22562840631%7c1%22%7d%5d; domain=.lptrak.com; expires=Sun, 23-Dec-3021 15:08:32 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=41
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 688f0db2532f14f91adf98b4d47d288e
c4dc195e040abdfc60d0507587f93999391b0473
829892674a65cdf9a8a2413fca440f05dc6ec8b07bb4975763ec7c72427e089b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 567
Cache-Control: max-age=168948
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Etag: "63a5b32d-117"
Expires: Sun, 25 Dec 2022 14:04:20 GMT
Last-Modified: Fri, 23 Dec 2022 13:54:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f1S5fvRnQhtSsu4I0YW0wQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d/bO2Cxl5DqqzAeVAjKS6j9gbr0=
wazamba100.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
45.8.106.138301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
IP 45.8.106.138:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 23 Dec 2022 15:08:32 GMT
content-length: 0
location: https://wazamba.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e2035d4b6cfac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 688f0db2532f14f91adf98b4d47d288e
c4dc195e040abdfc60d0507587f93999391b0473
829892674a65cdf9a8a2413fca440f05dc6ec8b07bb4975763ec7c72427e089b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 567
Cache-Control: max-age=168948
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Etag: "63a5b32d-117"
Expires: Sun, 25 Dec 2022 14:04:20 GMT
Last-Modified: Fri, 23 Dec 2022 13:54:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b4036b4c1171dbdcd2ee18e1797bd78
ef8cb209206ca8f48ee4c461c8ac16f65df8c723
54b5ed3392c13af43e64516598472d4084c3d05fd0888fce1e92a86302b2a337
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=163817
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Etag: "63a588f6-117"
Expires: Sun, 25 Dec 2022 12:38:49 GMT
Last-Modified: Fri, 23 Dec 2022 10:54:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b4036b4c1171dbdcd2ee18e1797bd78
ef8cb209206ca8f48ee4c461c8ac16f65df8c723
54b5ed3392c13af43e64516598472d4084c3d05fd0888fce1e92a86302b2a337
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=163817
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Etag: "63a588f6-117"
Expires: Sun, 25 Dec 2022 12:38:49 GMT
Last-Modified: Fri, 23 Dec 2022 10:54:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
151.101.129.229200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0880c171f6c1061e1a2de7c892645c86
39b9c3eedf84507430791a2f17e03a4bc4b891be
e02180112a0dee98478682fa68ebef088ef1ca2cd3052ca783212478833151a3
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Dec 2022 15:08:32 GMT
age: 4524676
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38325
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 23bde22c6b34b8828be77deffd748968
90441dd7f624ecebe1474955a4f1034267ededd0
fbb5968d82a4a4193d59a22b3b691189597d07256c9489f5a8bd97d213c882b4
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 15:08:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5F6C59C27D2ABD349E3499C46D41423C1D727439"
Expires: Sat, 24 Dec 2022 02:00:00 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 746
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e2035f7a6eb518-OSL
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
142.250.74.46200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP 142.250.74.46:0
File type ASCII text, with very long lines (1921)
Hash 5fc44bd9258540399a110b5f9c021985
4065e4b3a535c085e2486a0040429c64fd4128a7
8ea93ab93ba6ed90d687f8421b4045877bcfb8c4379db1b93dd4bfb035f025fa
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 15:08:32 GMT
expires: Fri, 23 Dec 2022 15:08:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 63 kB IP 142.250.74.131:0
Hash 7420ff6182240d82280c26a6d71bb7d6
08392b4cfb0b576559643babff0f5b19ff697587
06bcf590abd27c100e157e7767b1785b470e4bd42588a25efde788036c233d13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
142.250.74.168200 OK 71 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (9893)
Hash c7fe9c7a7b7af9fcd2cc77ec5a0a6efc
2f3a06d4b11c9b2f4751c6943d8101ca5d7c2185
a6c0bbbce33834847c3d41ca233de41503ee5f94b6d63f20b78c36d8cbc2516e
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 15:08:32 GMT
expires: Fri, 23 Dec 2022 15:08:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
142.250.74.106200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP 142.250.74.106:0
Hash 638aed328a61aabd90d08c8e7a986278
9caa926ce5435cc40bccd7becb1c9ca7b0282c03
87e3e261cb3f72fc15a464fd3c499588253d3539d8f2068c63d47572c18d09bb
GET /css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 15:08:32 GMT
date: Fri, 23 Dec 2022 15:08:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 06d5397b8f6980c28842d4ff9a819052
92682a0d1f2619e45270f84cbba36d7a88e356fe
71cacd9f2dda1597769645ac5dc63d82b5f3cbede2b495afc900edd45e41f107
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3857
Cache-Control: max-age=150227
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:32 GMT
Etag: "63a55d32-117"
Expires: Sun, 25 Dec 2022 08:52:19 GMT
Last-Modified: Fri, 23 Dec 2022 07:48:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash 9bae0d7337bb56de69fe6f09fc8f37e2
153d691c5180b5bd42e697de9f2326fcd0e11d1f
6391884740bd4b7eab2799f82fc00127653be44cd6db96f8c9ac2f1a49bb9bb1
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1671453642579
34.120.135.117200 OK 132 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1671453642579
IP 34.120.135.117:0
File type ASCII text, with very long lines (64976)
Size 132 kB (131455 bytes)
Hash f45d9e72b671f7319c76c270fc970e2e
f8d8d426f7d2f863f6a08bcbe20a7b0910b07763
79505382bbaa9001d9e784de8e7d9e0cbadd46d6a6db2fb31a101469c2b38aa2
GET /altenarWSDK.js?build=1671453642579 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu4S_b2i-jflRFVOmSeDLC5aGAePmo81Ki5ICpmA1DJW5zGSUlxtgs6i1SnNXSpcEYnIM5XpPpt5prPO0KtP_gjiw
x-goog-generation: 1670934811958488
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 131455
x-goog-meta-goog-reserved-file-mtime: 1670934789
content-encoding: gzip
x-goog-hash: crc32c=idYX0A==, md5=9F2ecrZx9zGcdsJw/JcOLg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 131455
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 23 Dec 2022 15:08:33 GMT
expires: Fri, 23 Dec 2022 15:08:33 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 13 Dec 2022 12:33:32 GMT
etag: "f45d9e72b671f7319c76c270fc970e2e"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash 9bae0d7337bb56de69fe6f09fc8f37e2
153d691c5180b5bd42e697de9f2326fcd0e11d1f
6391884740bd4b7eab2799f82fc00127653be44cd6db96f8c9ac2f1a49bb9bb1
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
54.230.245.200200 OK 17 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
IP 54.230.245.200:0
Hash f2a68465f0d08be87b9b5314959692f8
eb6087ce177a1159a461f58a637ba640f991b9da
35969e23c4cef976a9192f5f75053031222bb967e3e9d8c63c61f0dd8eb6eeb0
GET /webpush/1/webpush.css HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 16571
Connection: keep-alive
Date: Fri, 23 Dec 2022 11:35:32 GMT
Last-Modified: Tue, 27 Sep 2022 12:25:29 GMT
ETag: "14e2bc37863315233df178043f69a7c6"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dHoMqqw85QCRFPMZz3wquR5QPg2VOSaas74AD2r-qzBKkjvnPzFxFQ==
Age: 12782
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
54.230.245.200200 OK 38 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
IP 54.230.245.200:0
Hash 7f4d3e7149cec9d4cef65539f7c767f3
6e3d447c6834967ccc335aa55a3cb849c648ffa5
b0465392ae22806156f2bd6d3569ce6397c0cfc2b5bb1cdc1c60ed6c05f4c79a
GET /webpush/1/webpush.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 38381
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 22 Dec 2022 21:29:38 GMT
ETag: "7f4d3e7149cec9d4cef65539f7c767f3"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RMotqQJfettnHmFh6gLwnRL_p292xJExju-DvD2shHSFKOyhKU_OEg==
Age: 63536
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7095575146d527ea2722685ca1dfd0b3
f9c8c06f94d9ac0f11354a0b408fa9e74115c468
4a4e2d1f8e7b4421308e48e2ee7ba6acaba1cfd6615c7464d711f626b13f1249
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4426
Cache-Control: max-age=107624
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Etag: "63a4b490-1d7"
Expires: Sat, 24 Dec 2022 21:02:17 GMT
Last-Modified: Thu, 22 Dec 2022 19:48:32 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
37.157.2.234200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP 37.157.2.234:0
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 15:08:33 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1671453642579
104.22.8.90200 OK 21 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1671453642579
IP 104.22.8.90:0
File type ASCII text, with very long lines (8259)
Hash 454d62cf95321dca026f266095a34842
6a0e0c1af89fea454ff9d446b358ec0e7fc12af2
50708ac8cde045bc62dd1a530473af160487d87610858771854a90f9b13fe7ec
GET /api/Integration/wazamba?build=1671453642579 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:33 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e203624d48b518-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 64 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3e1f24a75fc9006753e2f3c5652f6edb
9a8ddf0af10fc81c76c6c1c5df6c85fbc6ef04ef
e68b93e31d12ee1a77266d081e8f3b724f720b74d8ac1b42a2c92912f1eb2bbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8380
Expires: Fri, 23 Dec 2022 17:28:13 GMT
Date: Fri, 23 Dec 2022 15:08:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 6.9 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 945c70c0dc617f309a2b1df974616113
9a7e1afeb4a378084ec50e45c805b5996d548e09
8b5f10e9a4097e42924158bc72c8d23328ab54eb932fc0a94d3272add4daf9a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8380
Expires: Fri, 23 Dec 2022 17:28:13 GMT
Date: Fri, 23 Dec 2022 15:08:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8380
Expires: Fri, 23 Dec 2022 17:28:13 GMT
Date: Fri, 23 Dec 2022 15:08:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8380
Expires: Fri, 23 Dec 2022 17:28:13 GMT
Date: Fri, 23 Dec 2022 15:08:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8380
Expires: Fri, 23 Dec 2022 17:28:13 GMT
Date: Fri, 23 Dec 2022 15:08:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
34.120.237.76200 OK 43 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP 34.120.237.76:0
Hash 3330d07cc77ce54fdc59cb1e41172917
654bf5154439dac46aef3b947cea5ad9dbe5895a
7c96d8323d290067d95bcd919c74001a5d42617b038236eba7ba786c0f7913e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:11 GMT
age: 63022
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
34.120.237.76200 OK 112 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP 34.120.237.76:0
Size 112 kB (112125 bytes)
Hash 5ec15d51e8b656ae3d5604e65611041a
fe17f8586133e64f620e409e4a5916ac53905c80
f11fef8303fe14b95085010a0a98fe13da68dd0004deacf137e3bba6eb76f515
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:54:20 GMT
age: 36853
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
Hash 6d5ac9043f519a93e323943173b4cd77
e6cf47bfd2a4770daa5999a6fd4922c3e5dbbcd8
9c483ec039c4be9df71bd3c32b8504e0eb4e3dc52c4498ad60b435060216a99a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FGP2S7V05eAwwnHzdlYQJC9ZW-5xLD8Aqi7XBCcJtaqbVoNCocGFhw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:50:42 GMT
age: 47871
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
34.120.237.76200 OK 111 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP 34.120.237.76:0
Size 111 kB (111281 bytes)
Hash 8b5d6926a8905c7258e26e2ffe8afce1
2bd8d3f83d9b7fe185c322c8a79f588a9eba1b9c
9e2d3cfdc559fc4ec905840ec3df63a6ff3e65749e2b917307d4f063143cc996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 2047fa50-737a-420b-8bcd-6ba2d79b60eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOjrhHuiIAMF5JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c197c-0103d96966f2f8924b8c8a10;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 07:08:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MAD0zRheKGRmq1aqcKD5oOfjQFY_8CeffvGAvwTxjhKihl6PqbzV8Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:52:36 GMT
age: 80157
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76200 OK 63 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
Hash 902f0fe39ce91b0e1079cc78a2c37fb0
d9efc10a87d289ed9e4bbae62c1e084a6b555fb9
60b36474b3a7a4551c8c295bbd406d548817fd8f936aabd1ba9f2dc5871d5b0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -24dBoLhaZcF6kjZCYp8EJSAYmslMmv15G3oPgPAydPxVA0j51Vs3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:52:20 GMT
age: 47773
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UIB-d7y4AawAml6oXhsAeoIud_U-fhQzha7VwRqY9AgNaYtJ49nlzg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:06:41 GMT
age: 36112
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 118e9e463e1e5174953658f35fb83427
8c2ba52661133dc0d78d0a756996ddb690112e35
8d56cd051472c79b399e7fe5165f4bf46761fb30b519177a8ff76da17214dd36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29d3696d17220dcd271363e420d6d592
16fb6e6352605346ddca3f28e69ed5e3b3980057
3a5946f894fc0ec400905c1a88a943fb60b5170dc0fc6946c13f800964af79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1&z=362081263
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1&z=362081263
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1&z=362081263 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 15:08:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash dffa4cd32dff0a7f6d9f30e6aff1162a
40d06bc27f3c15a8e1ba50e59859cbb7f22a7795
e5336a1644148eb438c7c45abd4d7f41613f770989b0729ecf625a38f6942718
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 23 Dec 2022 15:08:33 GMT
date: Fri, 23 Dec 2022 15:08:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 118e9e463e1e5174953658f35fb83427
8c2ba52661133dc0d78d0a756996ddb690112e35
8d56cd051472c79b399e7fe5165f4bf46761fb30b519177a8ff76da17214dd36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ecc130cabc8432a4c29a8ee3c411345f
ec68a99dcefeae0499da898b048d5a1a850d6256
71a24b7303015b50931d655a2761bd377379b2d8a1fba34d90311bdc1462e5d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf
GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Um4VIOBVVfY5Fjrobz6uPzeUgouHq5QGM4BeBM3SBS6a1fFK3_Pa_g==
age: 111688
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
142.250.74.3200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 08:42:55 GMT
expires: Sat, 23 Dec 2023 08:42:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 23138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1677915491&_gaz=1&cid=645843120.1671808112&ul=en-us&sr=1280x1024&_s=1&sid=1671808112&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_99E19E0D6F264B69889296E49015ED2C%26clickid%3Dwebcre89i2mlancl27ch1fd6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1677915491&_gaz=1&cid=645843120.1671808112&ul=en-us&sr=1280x1024&_s=1&sid=1671808112&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_99E19E0D6F264B69889296E49015ED2C%26clickid%3Dwebcre89i2mlancl27ch1fd6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1677915491&_gaz=1&cid=645843120.1671808112&ul=en-us&sr=1280x1024&_s=1&sid=1671808112&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_99E19E0D6F264B69889296E49015ED2C%26clickid%3Dwebcre89i2mlancl27ch1fd6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 23 Dec 2022 15:08:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd
4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5
1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1
209.85.233.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1
IP 209.85.233.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=645843120.1671808112>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 23 Dec 2022 15:08:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd
4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5
1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z6oCVdfEphclrLx81b-jI_51gUVR92hzoTMe-75p1wPC69sAGkYurA==
age: 2599108
X-Firefox-Spdy: h2
a27c99e6-8f2c-4a02-b829-0e3b348ee7cf.seondnsresolve.com/
143.204.55.12200 OK 633 B URL HTTP/2 a27c99e6-8f2c-4a02-b829-0e3b348ee7cf.seondnsresolve.com/
IP 143.204.55.12:0
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash b7dea913b6da34bb1d2f3cf17747de1e
a6445dcacb6f8ab302aeb1cd836cdd700f132fa0
2b14a52db90e83290a49c1a5dac92923d2225d6491a5b602982d8f4433d0a981
POST / HTTP/1.1
Host: a27c99e6-8f2c-4a02-b829-0e3b348ee7cf.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Fri, 23 Dec 2022 15:08:34 GMT
x-amzn-requestid: e8b9bce2-42af-4a6b-9a4f-9da492974b99
access-control-allow-origin: *
x-amz-apigw-id: dmuh4EyEjoEFjKw=
x-amzn-trace-id: Root=1-63a5c472-5b211d8a2787b6ed38f2f31e;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1cTQJcYSPhc5LQIT1QTeqQKgYYK5m0a4a3rd3zjLowqo-EqbWnuRow==
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
185.76.9.17200 OK 66 kB URL HTTP/2 rec.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Hash cf1b9450c16697a3c25f8a087ccc8884
65fa30ff567bd8ceb3f45abfcded50e0e905416f
94fb970fbc02b7de98f4a533b72e3f15d0d008b2307201710c499e19c2f1ea79
GET /es6/init.7171b9a4c8e511f032f0.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63a2fca2-d8e6"
last-modified: Wed, 21 Dec 2022 12:31:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1703164166
server: CDN77-Turbo
x-77-nzt: AblMCQ3J5/7/674CAA
x-77-nzt-ray: c0a4cc2887f7068971c4a5633352f62e
x-cache: HIT
x-age: 179947
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 711dd1a7293763854e08a587151ba25d
9af471198bc05a0adf98fad418ca36ff52d48d70
61485dfbde61e94a1688816b5e16e8eb130a55ebd2bc4c6a4d34ea6d5215dc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=169470
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Etag: "63a5b493-117"
Expires: Sun, 25 Dec 2022 14:13:04 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 711dd1a7293763854e08a587151ba25d
9af471198bc05a0adf98fad418ca36ff52d48d70
61485dfbde61e94a1688816b5e16e8eb130a55ebd2bc4c6a4d34ea6d5215dc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 421
Cache-Control: max-age=169157
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Etag: "63a5b493-117"
Expires: Sun, 25 Dec 2022 14:07:51 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 711dd1a7293763854e08a587151ba25d
9af471198bc05a0adf98fad418ca36ff52d48d70
61485dfbde61e94a1688816b5e16e8eb130a55ebd2bc4c6a4d34ea6d5215dc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=169470
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Etag: "63a5b493-117"
Expires: Sun, 25 Dec 2022 14:13:04 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 711dd1a7293763854e08a587151ba25d
9af471198bc05a0adf98fad418ca36ff52d48d70
61485dfbde61e94a1688816b5e16e8eb130a55ebd2bc4c6a4d34ea6d5215dc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 421
Cache-Control: max-age=169157
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Etag: "63a5b493-117"
Expires: Sun, 25 Dec 2022 14:07:51 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 711dd1a7293763854e08a587151ba25d
9af471198bc05a0adf98fad418ca36ff52d48d70
61485dfbde61e94a1688816b5e16e8eb130a55ebd2bc4c6a4d34ea6d5215dc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=169470
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:34 GMT
Etag: "63a5b493-117"
Expires: Sun, 25 Dec 2022 14:13:04 GMT
Last-Modified: Fri, 23 Dec 2022 14:00:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
104.16.151.45200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Thu, 15 Dec 2022 17:30:43 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 1817367
accept-ranges: bytes
server: cloudflare
cf-ray: 77e2036d6836b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
104.16.151.45200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Thu, 15 Dec 2022 18:34:53 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 1817367
accept-ranges: bytes
server: cloudflare
cf-ray: 77e2036d783eb529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
104.16.151.45200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Thu, 15 Dec 2022 18:28:48 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 1817367
accept-ranges: bytes
server: cloudflare
cf-ray: 77e2036d7843b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
104.16.151.45200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 29 Dec 2022 18:35:52 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 584126
accept-ranges: bytes
server: cloudflare
cf-ray: 77e2036d8852b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
104.16.151.45200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP 104.16.151.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 1729431
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e2036d8851b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
104.16.151.45200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP 104.16.151.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 1983392
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e2036d8853b529-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f819327791425a722c3810022e0e775f
184ca8b94755122f2da13d276c38e6cb09a9cb9e
4780ef503774c063cc879b8ca6ea70a10b1592435dd1bff0f4bce99a39761696
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=150707
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:35 GMT
Etag: "63a55d32-116"
Expires: Sun, 25 Dec 2022 09:00:22 GMT
Last-Modified: Fri, 23 Dec 2022 07:48:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
2.18.172.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 2.18.172.207:0
Hash 46bde6489297b05d54a6c05810c402ed
c974bab8c40c3bb595e2dc725b20b80c8f6e37a3
4cbdcc1273419ffb50a9e9b93e39c596bd26d7edae90f4a307b46aa45d0bade0
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x34 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 23 Dec 2022 15:08:34 GMT
Date: Fri, 23 Dec 2022 15:08:35 GMT
Connection: keep-alive
Set-Cookie: uuid=51e363a5-c473-4e00-a3ab-9ddea5c949d5; domain=.mathtag.com; path=/; expires=Sat, 20-Jan-2024 15:08:35 GMT; SameSite=None; Secure
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 3
expires: Fri, 23 Dec 2022 15:08:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 15:08:35 GMT
content-length: 20
set-cookie: CxtId=81bc36fd-8c38-453b-844b-afcc34d6ef9a; Domain=.connextra.com; Expires=Sun, 22-Dec-2024 15:08:35 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202212231508; Domain=.connextra.com; Expires=Sat, 23-Dec-2023 15:08:35 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=31078906&t=2
185.89.210.20307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 23 Dec 2022 15:08:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: 180ef888-6a98-4020-b87f-7b011e9d8f20
Set-Cookie: uuid2=210771571999912735; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 23-Mar-2023 15:08:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
54.236.79.251200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP 54.236.79.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 329
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 15:08:36 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
185.89.210.20200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 185.89.210.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 23 Dec 2022 15:08:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 39278cda-7be5-4b84-84c7-5ba28cc9b579
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ddd762adf3b5db08cd092a3fa5971307
e359d4522b913bbdfa208a81d38b998ab83d790f
5ebff9a6fb2470a8610f6a526d5f129ef9c12ba2d50fad44695bff1a414fb386
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134152
Date: Fri, 23 Dec 2022 15:08:36 GMT
Etag: "63a51431-1d7"
Expires: Sun, 25 Dec 2022 04:24:28 GMT
Last-Modified: Fri, 23 Dec 2022 02:36:33 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3WTmKaXrgtA5L0RlLARxCNvUDXc3RZgBm5K7YbROiOMBlFzTTnNAAw==
Age: 6475
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5519ce7fb8dbac531b11c876b6c2211f
53fd79c00a98c3736d943caddc573a0c7baddeda
fab66da30242b53e0619efad1e03b356fe3f5f964de75c83a77f82cb92ea2023
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165573
Date: Fri, 23 Dec 2022 15:08:36 GMT
Etag: "63a59161-1d7"
Expires: Sun, 25 Dec 2022 13:08:09 GMT
Last-Modified: Fri, 23 Dec 2022 11:30:41 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sqShQ_o6zqVwuQMS7VNaBfiTNdpkMEEtUPzaEJ2-4wQcpdBQnKh1Pw==
Age: 5848
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 23 Dec 2022 15:08:36 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 23 Dec 2022 15:18:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports
54.171.40.8303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.171.40.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 23 Dec 2022 15:08:36 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 23 Dec 2022 15:18:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=51e363a5-c473-4e00-a3ab-9ddea5c949d5&no_iframe=1&mt_adid=256810&source=mathtag
2.18.172.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=51e363a5-c473-4e00-a3ab-9ddea5c949d5&no_iframe=1&mt_adid=256810&source=mathtag
IP 2.18.172.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=51e363a5-c473-4e00-a3ab-9ddea5c949d5&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x33 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 23 Dec 2022 15:08:35 GMT
Date: Fri, 23 Dec 2022 15:08:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c6e23f1a2605f5ede12e950c20ffd6f
22aace313abd2602095ca880c96d1fc873ab61d3
55a13f135ef3df63aae263e9a7c5eb62543392ae1d72fbc829d27ac5473c4564
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3569
Cache-Control: max-age=113993
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:36 GMT
Etag: "63a4d0cc-1d7"
Expires: Sat, 24 Dec 2022 22:48:29 GMT
Last-Modified: Thu, 22 Dec 2022 21:49:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.134.244302 Moved Temporarily 4.5 kB URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.134.244:0
Hash a824a3a064af06eefc70f19306d0bc4f
35d9b3495024f7f377a6be22e3638ba72916e177
2aa573208e239d573aba7f55fd2f66e5b5b3f7482468a7f6c7794f6541701465
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 23 Dec 2022 15:08:36 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x32 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=eb1a63a5-c474-4100-85d1-9e8b8e9a30d6; domain=.mathtag.com; path=/; expires=Sat, 20-Jan-2024 15:08:36 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/eb1a63a5-c474-4100-85d1-9e8b8e9a30d6
Expires: Fri, 23 Dec 2022 15:08:35 GMT
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
185.89.210.20200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP 185.89.210.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a871ffde-fd9d-4b63-9c8e-881e2d6c26e1
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2IlgnowH]!]tbP6j2F-XstGt!@DVG$eaqg; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 23-Mar-2023 15:08:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.starfieldtech.com/
192.124.249.36200 OK 2.6 kB IP 192.124.249.36:0
Hash 9f6708912d518d52b91d2d959c68fb37
ce3a931c96f23c39f680ceaa04e2a03fe84c23ca
6e55d5e952f825ffa24b88001bf4d8b651559de269352100d783f96a91abf780
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 23 Dec 2022 13:50:12 GMT
Expires: Sat, 24 Dec 2022 13:50:12 GMT
ETag: "f1b5f1e336c1bbbe0591fdd37503d033e8f07d31"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 23 Dec 2022 15:08:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
54.171.40.8303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 54.171.40.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 23 Dec 2022 15:08:37 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
zz.connextra.com/sync/data/uid/6c883bd680/eb1a63a5-c474-4100-85d1-9e8b8e9a30d6
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/eb1a63a5-c474-4100-85d1-9e8b8e9a30d6
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/eb1a63a5-c474-4100-85d1-9e8b8e9a30d6 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 23 Dec 2022 15:08:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 15:08:37 GMT
content-length: 64
set-cookie: CxtId=5b858f23-60d2-4e27-9898-252b24f528f1; Domain=.connextra.com; Expires=Sat, 23-Dec-2023 15:08:37 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Ceb1a63a5-c474-4100-85d1-9e8b8e9a30d6; Domain=.connextra.com; Expires=Sat, 23-Dec-2023 15:08:37 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:37 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:37 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112200 OK 1.2 kB URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
File type gzip compressed data, max compression\012- data
Hash cd2d36f424954126e620e7e26ab6d0e4
3a4546af5359b93f4d39b93ea438c28309c189ca
58f3cda21693c92ad087fa1214df81be2bcf971c612b620a6558c019306210a3
POST /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:37 GMT
content-type: application/json; charset=utf-8
content-length: 323
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112200 OK 72 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 390406eff768f9cbbffd928bb5cafdb7
618a24b27a6620e8499ac5942ac55e6cfd7fb593
56e2df3addeca698a846301e56be8dda12116c795db1f03ef6242b849be12f43
POST /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 99
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:37 GMT
content-type: application/json; charset=utf-8
content-length: 72
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 23 Dec 2022 15:08:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 15:08:37 GMT
content-length: 64
set-cookie: CxtId=51811ed3-8baa-41d0-a10d-918410bf4af1; Domain=.connextra.com; Expires=Sat, 23-Dec-2023 15:08:37 GMT; Path=/; Secure
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x26 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 23 Dec 2022 15:08:36 GMT
Date: Fri, 23 Dec 2022 15:08:37 GMT
Connection: keep-alive
Set-Cookie: uuid=12ee63a5-c475-4b00-9981-e5156885d858; domain=.mathtag.com; path=/; expires=Sat, 20-Jan-2024 15:08:37 GMT; SameSite=None; Secure
sb2frontend-altenar2.biahosted.com/api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
104.22.9.90200 OK 8.6 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 104.22.9.90:0
File type JSON data\012- , ASCII text, with very long lines (31439), with no line terminators
Hash ea6391a8c3f7352c07572d5a2ccbe6f2
b2bb06381ccd599530738ea638b42f2185eba31c
35fb5f1aa9b22e7f22c0605a848e79fc0a80dab6de1aee35881df8db4ec46015
GET /api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e20380bb4db527-OSL
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112204 No Content 0 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:38 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112200 OK 168 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4bb0d8e93664d62c57f559f97ceae40a
590fbdb8542ffc1771c62e09c8b8aaf4b2fc03ff
52b5a77257d63de4bf03810962dda90f839a54b0bc4ce03103e35bd1a60fc151
POST /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 23 Dec 2022 15:08:38 GMT
content-type: application/json; charset=utf-8
content-length: 168
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 88a16bfd5e8bc6284370dd5ef478a35a
68a09576c3c1b135f5e3505c2dfe048db21780c9
e5a53cdd878daa3a0e108f71a577fb2313100a5c2561bf2e99a3583d773d3bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1772
Cache-Control: max-age=140243
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 15:08:38 GMT
Etag: "63a53e5d-116"
Expires: Sun, 25 Dec 2022 06:06:01 GMT
Last-Modified: Fri, 23 Dec 2022 05:36:29 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 278
wazamba.zendesk.com/embeddable/config
104.16.51.111200 OK 475 B URL HTTP/2 wazamba.zendesk.com/embeddable/config
IP 104.16.51.111:0
File type JSON data\012- , ASCII text, with very long lines (716), with no line terminators
Hash f5c8a57c375ffd2ffe4fd060441b56b5
b35bef87e965ce1304141ab116d7f9af0e91cb86
6d18e3bd50a5719286f747314e133cd1fe5a756ff3a97be1466f847e366767a5
GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-66f968b655-s49gx
x-request-id: 77e2021f1c2bb527-DUB
x-runtime: 0.002011
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Fri, 23 Dec 2022 15:00:54 GMT
cf-cache-status: HIT
age: 57
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnSYLcPY78cMGwZsERgpq3y052Ku0MyWdmxeU%2FQ8ymOywUxG7wGKY22yJmnkMgtQf%2Fx0ubqqccAHd4FlNrJvzqV8jZj%2BMwOq1tOU3aRHNlVFWbN4T6lvgJqIYFOq6O8%2FTZxZ%2BQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=5fcd40de40e10327df0334faacba03fc424db5fa-1671808118; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77e2038768900b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/60efbeb0cab4c2f0b51dccf5f77371df-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
54.230.111.96200 OK 46 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/60efbeb0cab4c2f0b51dccf5f77371df-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.96:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/60efbeb0cab4c2f0b51dccf5f77371df-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Fri, 23 Dec 2022 15:08:39 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e203875e17996c-FRA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ju1ewWVca_zsU4UkG7ZkVLf_wZTseuIyKvtTn9hg-b-w94lH2Y5rNQ==
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
104.22.9.90200 OK 2.8 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 104.22.9.90:0
File type JSON data\012- , ASCII text, with very long lines (16890), with no line terminators
Hash 0afca4aac4c4ef0dcb61ffaf702e0541
d1bc21c6251a0d8a1a586ceae2bed9ef77f39f96
3e0275a3a8bfc3815189ef26261e068d2ac9bc22771bc92059d6441101e9d4d7
GET /api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e203803adfb527-OSL
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ffe2595f46a507881bf1a54ea1ee7c87
35c719a62283a52ace858a9228a075e8363e88bf
2c1d7a5fdf4bc002d5f4054b9243927d25ec13029e91d1e4c46547704b9d9fd1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 15:08:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 22:14:29 GMT
Expires: Fri, 23 Dec 2022 22:14:29 GMT
ETag: "35c719a62283a52ace858a9228a075e8363e88bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijg4ZjdiYTZlNjExNTQ0NjhhNTZlMDU1OGUwZjQxNzVmIiwic3VpZCI6IjYwMWEzNGI1NjQ4MzQwYjBhYjZlYzdmNmI4ZWY2ZjcyIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTIzVDE1OjA4OjM4LjA4NVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV85OUUxOUUwRDZGMjY0QjY5ODg5Mjk2RTQ5MDE1RUQyQyZjbGlja2lkPXdlYmNyZTg5aTJtbGFuY2wyN2NoMWZkNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D
104.16.51.111200 OK 0 B URL HTTP/2 wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijg4ZjdiYTZlNjExNTQ0NjhhNTZlMDU1OGUwZjQxNzVmIiwic3VpZCI6IjYwMWEzNGI1NjQ4MzQwYjBhYjZlYzdmNmI4ZWY2ZjcyIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTIzVDE1OjA4OjM4LjA4NVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV85OUUxOUUwRDZGMjY0QjY5ODg5Mjk2RTQ5MDE1RUQyQyZjbGlja2lkPXdlYmNyZTg5aTJtbGFuY2wyN2NoMWZkNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D
IP 104.16.51.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijg4ZjdiYTZlNjExNTQ0NjhhNTZlMDU1OGUwZjQxNzVmIiwic3VpZCI6IjYwMWEzNGI1NjQ4MzQwYjBhYjZlYzdmNmI4ZWY2ZjcyIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTIzVDE1OjA4OjM4LjA4NVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV85OUUxOUUwRDZGMjY0QjY5ODg5Mjk2RTQ5MDE1RUQyQyZjbGlja2lkPXdlYmNyZTg5aTJtbGFuY2wyN2NoMWZkNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:39 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 77e2038a0a3e0b65-DUB
last-modified: Fri, 23 Dec 2022 15:08:39 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6ri8vGFFxIAStE9zzqj6pRw9tv%2F21B4xZB9YurCzCFhMQDeAyLgJRaBpvnhMmphT4qEZXyRkBKnWCSxg3iEAeSQ7VDJVq0Ncra4DfHyH13%2FCMIWJgECONGaqwP7e3Dt%2B64mt%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=ee3e1a32e8d64f267068ffbad406bda29f43fcb1-1671808119; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77e2038a0a3e0b65-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 61 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
File type gzip compressed data, max compression\012- data
Hash fdce8c2465d9415952727c4d59288fa1
025fb35b6b3d663f73f3ae03f36cadd85ec37e5a
39652b90efc491bd4c537a6a5b049c23fd9e849611ed966209b83e71fa90b022
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100164
Date: Fri, 23 Dec 2022 15:08:39 GMT
Etag: "63a4919c-1d7"
Expires: Sat, 24 Dec 2022 18:58:03 GMT
Last-Modified: Thu, 22 Dec 2022 17:19:24 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pD45Bs7-ZqmcxOshbLuFX1vrXcg_gyY0ZTfU5CHtv6wABcDloT7NdA==
Age: 5919
sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light
104.22.8.90200 OK 1.6 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light
IP 104.22.8.90:0
Hash c353a9a2113b2131699dbd56a12982ae
ef133b1797d569ece20ade6db51f82afcf0306cd
294549fd55f57ae5f7a3d2ec7a95da111cdbcc388709947e0594b65d36b2b872
GET /api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:35 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e2036efae7b50b-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
104.18.72.113200 OK 163 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
IP 104.18.72.113:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (162569 bytes)
Hash b26b8f870b1dcb536277d382c68d6cf8
fed6ae8a4710bb41b8a622b987be1b3e71d17554
b5610ba6c0e31d702d8cea6fa46f4ff8798314b7e22ec8653c488dda4382219a
GET /web_widget/latest/classic/web-widget-5324-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:39 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: N5dT9JXWrJ6LHekTKf/mWyeV2xtYk6b8CIDMtPXNt5c/QUaa5FjHdkI91n1OR77lZMScW8RD3DY=
x-amz-request-id: F6C5FH3WES4KVVKJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"c296a94da281fc44d57ec8f4e4cfb0fa"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
cf-cache-status: HIT
age: 648213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDeTvK33x8Rl2xEQIZ4R91fmoAFbpS2mnQMqGofiGMX10VDFj5yb4%2BNS%2FZrZXBdu5Eg3kIltxspudRgSUZeri6FzsZn8U%2Flm%2BYT%2BPaCqfJC0CSlqzZC68G6Z7mn3RGFNbMvb4Kw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e203884bef0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-mediator.zopim.com/s/W/ws/8hG8dRObtKKORa+x/c/1671808118263
35.157.139.85101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/8hG8dRObtKKORa+x/c/1671808118263
IP 35.157.139.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/8hG8dRObtKKORa+x/c/1671808118263 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kzuoTBQ2+ZiqF/G2YzU5Gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 23 Dec 2022 15:08:39 GMT
Connection: upgrade
Set-Cookie: AWSALB=q+3+ellGTVpzILTlySWU/Fm4JAqrxKIZaF0xSuJQi0y0w9A884m8PsGzYiwweOpfmQvjtjzWDcs7seRfl0Pi1080faE3GOLsFcoKFSZ3ogdfh4RuUfvJ5M1EJnzg; Expires=Fri, 30 Dec 2022 15:08:39 GMT; Path=/
AWSALBCORS=q+3+ellGTVpzILTlySWU/Fm4JAqrxKIZaF0xSuJQi0y0w9A884m8PsGzYiwweOpfmQvjtjzWDcs7seRfl0Pi1080faE3GOLsFcoKFSZ3ogdfh4RuUfvJ5M1EJnzg; Expires=Fri, 30 Dec 2022 15:08:39 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: OVT7eMvOyqYIub4uW58E+NxggQE=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5aee260508b4a6317aa74cfa263fcf0f
0268b809b07f0126ae1c707f0a72cbf2c5ee5dde
b43410a5b53d6318d13a1b6cac311beaff9aaf2b21a6d68420ec7e3291ce44b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8103
x-amzn-requestid: 1dec4794-e477-4587-a919-10fed7e06f73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: degIwFtioAMFZoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a27a37-2088c1ec6c0d3158153e907b;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:15:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mBdKNm-n2HvTeSA3FxMS7yfjJvmpTCrNNCuOlJgt1Q6y258pawKQ0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 08:40:52 GMT
age: 23268
etag: "0268b809b07f0126ae1c707f0a72cbf2c5ee5dde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
104.18.72.113200 OK 57 kB URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
IP 104.18.72.113:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 2a441d97c614c8013e5689cfc3ffd3e9
bf48c9a512dfcd1ad2fb94c0b3efbd80e4892742
f2ec49adc1b51874efe47ff1319d139e919530f437d55bebe2dd9c049943efa7
GET /web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: flXT3MjZXq9WFSWpPRs+IiSkjkX3+v9E8zHvt24+o/uXfRysJbOibD4IZBfnohBYxkCwc++Rpqo=
x-amz-request-id: F6CCGSFWY28CB4TK
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:41:53 GMT
etag: W/"34fbbf22dcbdf81917dd5b3e02a125e4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:41:52 GMT
x-amz-version-id: BijG1SZtZft6iu4XfUmwnaVs.g5q2jvS
cf-cache-status: HIT
age: 648213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe9Hm%2FdUvVMD7ZxvvHuOcIRZ51zFnas%2BNGFHVX4yQuGIZdFUKUMwTFSw6youFlSD2r24S%2Bs8kOoMnRDcBTJaoAJ0vuIjnD1aodBDTwAKOaGynSk8BeqOZiDDrEYCfOYWkKVLQ3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e20385ba200b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP 142.250.74.106:0
GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 15:08:32 GMT
date: Fri, 23 Dec 2022 15:08:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
185.76.9.17200 OK 0 B URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63a2fca2-c4a"
last-modified: Wed, 21 Dec 2022 12:31:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1671808569
server: CDN77-Turbo
x-77-nzt: AblMCQ1+nV3/kAAAAA
x-77-nzt-ray: c0a4cc28d6ff268571c4a5639bf9b920
x-cache: HIT
x-age: 144
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.125.175:0
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 17254837
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77e2035f2b54b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:35 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"a642a5836165559c2fb6164cd39866d8"
x-request-id: 77a44b9bbdfd0b02-STL, 77a44b9bbdfd0b02-STL
x-runtime: 0.001742
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxVlXSIKrfnCsV5zvSBDeUHZ19VQ4FzZoaPDBcUAvoKxLokedb2DAVNWS6YYWQ8YODdF%2BuEF9S16m%2FyGTZfUd1uMMEyxGfWj8I5ap11Jf6BFoGl41ESiTQSeGCLTyMIr0HM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e2036f9c7ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
104.22.9.90200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 104.22.9.90:0
GET /api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e203802acfb527-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-classic-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:39 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Ce0nkuWjjUM/lzymVjHtiQ0M7cglO06O1GZHyYHKpApfhIFuCFdX0tcKGB1Nd+nf3sqmhVUU19M=
x-amz-request-id: F6C99C8H3KRW33CZ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"0b77084bbe255e38dfc0511ed512b1b9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: BI7BH2_wYlhqABgV_1RpW5mVt_EhVp77
cf-cache-status: HIT
age: 648213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yva9Gw1dWKMOVYZTIZHJFKijVRb24G%2FUIC3w3DAlPp0uy50ru7A6YIBeT4nFVRcthtw5TFsx07E3gZPXBuhbAYkg%2By7YS23J%2FL9koeJNokKN3jX9bStnQlcgk3Cm80Abt4Ydd3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e203881bd90b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:39 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Q/WsINVJ+Z0sX1C6ewo6dm4fGCmy1q+byCALlpmYTsO763wyxLOPMW+3hlpEmMz+n7wAWQ1i9dM=
x-amz-request-id: F6CEY42KW93BNB12
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:38 GMT
etag: W/"10d9a30eac6ed106c66673278428cd9d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:37 GMT
x-amz-version-id: w19VoZjQsh3pKdlpVeLbZ8rEmUXDsh_h
cf-cache-status: HIT
age: 648210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMNrpIPmOa4BwxC3hMV5uxrS%2F2ZMzMTjp5guhs9ueAmzMuBF6GTkTR3wft7o%2B8k1g%2FMzgYUPwAlLVm0HrO7Px%2FarTG%2BqZx%2BNU%2BfXJR2lDkvaOoXo6MWUo9SsHlewkR4al%2FK%2BsVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e2038a0d060b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:41 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: SkcJzZn5RRlglaHLOhk1vV1v30pm0szNvelv2eyVm7RGrf9j3oUJTTfL0PSdr3Oz2xeVhjpMFg8=
x-amz-request-id: FXYJV7HX34MNB73Y
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: yTfJjWtrph2znqvc1oRNTQcv23jcfwLc
cf-cache-status: HIT
age: 648214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9h5JGnSiLD1tuITBlG3qtm7iqpF2dM4T83vti%2FYCWjuRUBjU2wX4OFrM32wEAj82scrXtcqVZE4MuCsh96q9lhyLWMD6IS1wUBNqQOnsSK9NbRh9twTmAqAi7x8ZFBOrVbW4ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e203959c970b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /no/?btag=658915_99E19E0D6F264B69889296E49015ED2C&clickid=webcre89i2mlancl27ch1fd6&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:32 GMT
content-type: text/html
cf-ray: 77e2035e38c2fac0-OSL
age: 158
last-modified: Tue, 20 Dec 2022 09:23:30 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Fri Dec 23 2022 15:05:54 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1671808014944
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP 54.230.111.113:0
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 15:08:33 GMT
cache-control: max-age=60
etag: W/18732e5774831cec3ef8a18744b24895
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6EVKqOMTlV-rs5kv6f-OjZda4Np78w_mnA8f5s9-YQJvVrAaHU5ocQ==
age: 1
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:34 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLHBoR%2F%2FFGk%2FqU%2Fy0uTdaSgLTwEYum4vLinbZ2ZHOPpJsxuB2FkCmkh1dBe91zG6i17a8FEcNJSzoHQl0%2Bo3a7RkHWJkXJFYxsDdmyzspqQxfLfAMnoOk9lEx%2F3G8TOOK8vXkgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e20369d87b0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-8165-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:39 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: lzBkPtbnz0MGLlWYKiF43Rbof1dxLmCsNcfcXrLzOnOEtJYFONekq3s/EdUhjTmo6TQFKed2bBM=
x-amz-request-id: F6C4AQZ3YDWB1VQS
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: kU1YYFzxaCl55Jp2ZazHPuUZRF69EWpK
cf-cache-status: HIT
age: 648213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf8jSqgVv%2BNEn5VX2JY%2B5NwnzHNd3kNiKwL9AzGgwj%2F%2BhUV8nXjsRA8Ruq%2FHSbdI6p%2FWcytRmHdJsmDdtB4FeB5pCHH7EXe0tJHYdf6XIFD7hxFHoIHpl6x5yPfChi8w3qS4bsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77e203884bee0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
104.22.9.90200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
IP 104.22.9.90:0
GET /api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 15:08:35 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e2036f2ba8b527-OSL
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
54.230.111.96200 OK 0 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP 54.230.111.96:0
GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 23 Dec 2022 15:08:38 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c6b-TZVJAaCyOs5CBmovd30YfdYVV3I"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77e203863fcd9018-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sJR9EpFL5qoJG9Ilu1o0TkyoJT6Gs7F0hevW4MKnVgkQj5vKBCbuEw==
X-Firefox-Spdy: h2