tele0.site/ph/bx/_shell
79.98.29.10301 Moved Permanently 239 B IP 79.98.29.10:0
ASN #212531 UAB Interneto vizija
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 65c287ffa993b4a65461b9d5b07ab3f2
5ab9e5c9967044bb8c24ff815d23e1b25fc435e5
8150c82295595ceed627dc109f5fe0b938522045717c12e2dc2f5f8f24d1a69e
Analyzer Verdict Alert fortinet Phishing
GET /ph/bx/_shell HTTP/1.1
Host: tele0.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 20 Jan 2023 06:58:59 GMT
Server: Apache
Location: http://tele0.site/ph/bx/_shell/
Content-Length: 239
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9706
Expires: Fri, 20 Jan 2023 09:40:45 GMT
Date: Fri, 20 Jan 2023 06:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Fri, 20 Jan 2023 09:26:36 GMT
Date: Fri, 20 Jan 2023 06:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3267
Expires: Fri, 20 Jan 2023 07:53:26 GMT
Date: Fri, 20 Jan 2023 06:58:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 20 Jan 2023 06:34:35 GMT
content-type: application/json
age: 1464
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ja3wPcuc51o9XGFS/GeeWKbKPSvHw4k5dG9wUcQ+sXyT07ZP/6GvPBQWWtB14GhturOV25IMHEQ=
x-amz-request-id: JD5ZDA92H993JG6N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 20 Jan 2023 06:46:14 GMT
age: 765
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
tele0.site/ph/bx/_shell/
79.98.29.10302 Found 0 B IP 79.98.29.10:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /ph/bx/_shell/ HTTP/1.1
Host: tele0.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 20 Jan 2023 06:58:59 GMT
Server: Apache
Location: http://ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 06:58:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ed_error
95.101.10.59200 OK 926 B URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ed_error
IP 95.101.10.59:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481)
Hash d18b2e7bbab43b2209590c9d2f5f6a9c
6ae40f02149a4832a54defa1385a9cc4c5185600
f7b64df04db64cc0979964bad6a4f9859a4b9419cdd519468a425c73a6d95ede
GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: ca95ac2010cb6a5272a33be364257b3f
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Fri, 20 Jan 2023 06:59:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 20 Jan 2023 06:59:00 GMT
Content-Length: 926
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=4de12dbb2ed94d02b0f4d4007c49c66c; expires=Sat, 20 Jan 2024 06:59:00 GMT; path=/
oaidts=1674197940; expires=Sat, 20 Jan 2024 06:59:00 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003553&visitor_id=640195161711972487&rdk=rk1
18.193.209.105302 Found 0 B URL HTTP/2 voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003553&visitor_id=640195161711972487&rdk=rk1
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003553&visitor_id=640195161711972487&rdk=rk1 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 20 Jan 2023 06:59:00 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w5jpvhbsntmk7e1m2rrvc4f6
pragma: no-cache
set-cookie: 836cb829-7893-4133-b820-74b91c0194cf-v4=0a_OwaCZrmIrFYMqpIhdwEhjR1lTIuuIqn87lOVRDXU; Max-Age=86400; Expires=Sat, 21-Jan-2023 06:59:00 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=HaDhev45CIBTnDm8EAS5RGNmSlYUE%2FxSiPzVeYPRSc0G1bO%2FNmI%2FOy15qYi67TWThSMkDPgKyIFGSo%2BcvHI12mskLmbvIsSkrNMXgu3en5BOJ8NQtxWIzGeJ4I61cT2qfcNRJQTiDIT2L1wlBo1trg%3D%3D; Max-Age=31536000; Expires=Sat, 20-Jan-2024 06:59:00 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 66486c1d50f9c0b34967c4ccbe91da2e
b65021d77d30716d47af19ecd8cd920fcbc548bf
022fd9d73714fec5ebf49ab17d29a9ea8ede77b67633d37d389d1aaa62f891f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "022FD9D73714FEC5EBF49AB17D29A9EA8EDE77B67633D37D389D1AAA62F891F1"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Fri, 20 Jan 2023 07:48:17 GMT
Date: Fri, 20 Jan 2023 06:59:00 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=4de12dbb2ed94d02b0f4d4007c49c66c
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=4de12dbb2ed94d02b0f4d4007c49c66c
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=4de12dbb2ed94d02b0f4d4007c49c66c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 06:59:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4de12dbb2ed94d02b0f4d4007c49c66c; expires=Sat, 20 Jan 2024 06:59:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w5jpvhbsntmk7e1m2rrvc4f6
23.36.79.24307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w5jpvhbsntmk7e1m2rrvc4f6
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2052770&bid=5396&clickid=w5jpvhbsntmk7e1m2rrvc4f6 HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 20 Jan 2023 06:59:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 06:59:00 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674197940509)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C2023120659%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22574147057%7c1%22%7d%5d; domain=.lptrak.com; expires=Sun, 20-Jan-3022 06:59:00 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=39
X-Firefox-Spdy: h2
ak.lanopoon.net/favicon.ico
95.101.10.59204 No Content 0 B URL HTTP/1.1 ak.lanopoon.net/favicon.ico
IP 95.101.10.59:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=4de12dbb2ed94d02b0f4d4007c49c66c; oaidts=1674197940
HTTP/1.1 204 No Content
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=2591967
Date: Fri, 20 Jan 2023 06:59:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 20 Jan 2023 06:17:28 GMT
age: 2492
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
wazamba100.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
45.8.106.138301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
IP 45.8.106.138:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 20 Jan 2023 06:59:00 GMT
content-length: 0
location: https://wazamba.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c5ecc8fbe3b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e125172cf71e62a4726d65ac217d134b
4feec0f2c60b6a874bdef97a46586678fdc2bb91
7be3a17b12ed238ad4cdd9f5c3a6f0baa1f0d2eeb2dce65e5f74dd0a19c258f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:00 GMT
Server: ECS (amb/6BC5)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 259
Cache-Control: max-age=94324
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:00 GMT
Etag: "63c90825-1d7"
Expires: Sat, 21 Jan 2023 09:11:04 GMT
Last-Modified: Thu, 19 Jan 2023 09:06:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e125172cf71e62a4726d65ac217d134b
4feec0f2c60b6a874bdef97a46586678fdc2bb91
7be3a17b12ed238ad4cdd9f5c3a6f0baa1f0d2eeb2dce65e5f74dd0a19c258f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:00 GMT
Last-Modified: Fri, 20 Jan 2023 06:59:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a435563e4adb6d7d64a8600e6250bf45
a8f5a99620153938ec4cfba0423d6d06c66bb7fe
9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a435563e4adb6d7d64a8600e6250bf45
a8f5a99620153938ec4cfba0423d6d06c66bb7fe
9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nNuirtYMA9elrncz6MEOGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i7ohDelXtSxTKJogVDJxgIL1lBI=
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
172.217.21.168200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP 172.217.21.168:0
File type ASCII text, with very long lines (7206), with no line terminators
Hash bd719f628a31ec6db8a8b2d9cd2d9b68
e8aace64ba9c403532a296f278b5485e328b88be
fdc1ecdc8c6de137dc410d838b0a911eb8209790623aacb23666024a4b0ab0e7
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 20 Jan 2023 06:59:01 GMT
expires: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=900
last-modified: Fri, 20 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2710e6694429ed2cf5082b6e48eb6ebe
fd6e63ac90e1d86f37e5f46c98c7592a86106217
928ff655e10cf8a01515e4ca9ad5c7128044617acd61fbd46b613b4861aa5379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
Hash f3de51ae27ba76be7fd14a2290d58035
9596389173c2961eb98b6e38675fba928c6fb890
0ca59dc280c480ade23ffd30c6f58136e8fedf2b191797ca81c4b67854a18516
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 07:08:09 GMT
expires: Sat, 13 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 604252
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
142.250.74.74200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP 142.250.74.74:0
Hash f46200c84ee2cf3e1f27e0f7f3b4488b
c92a76e4a5ace3106b113f7e9b550c1ec37322f7
5df4cc0faa467ea8c8dfd1b821b62aed6f96a9616c69306518872a04bc73bb98
GET /css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 63 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash f0427c9e31ec89a1a3ea39720680a7ef
90779149926b7165a0d4830dd8e84a48ff9e66cf
f8c8a7275e6cb946d585d5b435f72247f1eafac0e829b52a6420062d66db3772
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674050760734
34.120.135.117200 OK 114 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674050760734
IP 34.120.135.117:0
File type ASCII text, with very long lines (64976)
Size 114 kB (114295 bytes)
Hash 845a17d89140d3a3f5c618d3ac4fd02d
0a1e7b9f5dcc0426affd02e38696e232c14fe3f9
cb2e5cdda2c9402bc52d63044e286abe925cd5d1de7121ef8621cf503a3e75a5
GET /altenarWSDK.js?build=1674050760734 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsmTDWCcwyqaGGfyO0sonJMhXCEkwJ2sQN6SG9PNvNErcRtGi9IMdiTrzgKaaeHWUSZspNEIDIu3q_7xHe7yC0sV4nhvtjV
x-goog-generation: 1672123526502985
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 114295
x-goog-meta-goog-reserved-file-mtime: 1672123508
content-encoding: gzip
x-goog-hash: crc32c=SKtaIQ==, md5=hFoX2JFA06P1xhjTrE/QLQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 114295
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 20 Jan 2023 06:59:01 GMT
expires: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 27 Dec 2022 06:45:26 GMT
etag: "845a17d89140d3a3f5c618d3ac4fd02d"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 64 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash 8bfd31e546af7d665987927e56de39f5
c99b774867420f35b3d88dd2c8410a7833e5214b
3df239e8e2d6b23ac603bde7bf997a0b9bf675a826fdb003a8d3836411e52375
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec.smartlook.com/recorder.js
185.76.9.25200 OK 55 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
Hash 67a80008780fd418f786fd0610e499a1
7bcc7925294aaabccbe4e829163479df44bd6db7
f76dea6713037cf206cfaf390d1170ff48f5a0a72dd9cc2d4f5135ae2a6054e6
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:01 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63c92552-c4a"
last-modified: Thu, 19 Jan 2023 11:11:14 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1674198050
server: CDN77-Turbo
x-77-nzt: AblMCRTClOn/6wEAAA
x-77-nzt-ray: af585630f6bf1d88b53bca63f9429522
x-cache: HIT
x-age: 491
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
54.230.245.125200 OK 17 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
IP 54.230.245.125:0
Hash 14e2bc37863315233df178043f69a7c6
bd2c04180a180da434c6a50d8dc9151dba1b8d90
0879f39b89a2675e809774d0461e9a84685c668a57b8fa3aa49bf6c490cec578
GET /webpush/1/webpush.css HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 16571
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 19 Jan 2023 09:04:24 GMT
ETag: "14e2bc37863315233df178043f69a7c6"
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2OWGI4FHS1cshOW9zYudAmIRML6gxSngeHYYgiF4WowahHnOR66aNw==
Age: 78878
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
37.157.4.39200 OK 369 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP 37.157.4.39:0
Hash c7ed0667e13b89ce8ae8c3ccddee9270
ea202de130a95564ad6d427365a117b845778d4e
03d9e2df3eb4fac9286e6cb75cd36ff338c19bf27e82e5453e07931996cbbfcb
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 06:59:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
104.85.191.64200 OK 18 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP 104.85.191.64:0
Hash 8389a548083df612d07246b08d8809ff
7fb7ef66de956107ac9241497e6a727ce2af55e5
5ecb2d62fb109afa56383f564416360a57faed3af563bd4e1679337db9c6d4ee
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16608
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 2
cache-control: must-revalidate, max-age=179
expires: Fri, 20 Jan 2023 07:02:00 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap
IP 142.250.74.74:0
Hash aba5b4e625e28af42bb968a15e593223
5d5f0c22b184acb9179c54af2f72b0fca6abdcee
1312c2fe8a03f449968f77a7482ee72d8b61cdf5e555f7db42ade1ef6ad214f9
GET /css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
216.58.207.228200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b269cde8993f09cd2fadec2eadc5d369
218302447d06346228151fe11802d713a8d8c95c
8ae16d2b3838a1375af15ccc60151433a817680c09a683645a3e7e146c5300c0
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 604 B IP 142.250.74.131:0
Hash 2c1c7523bd54a3db5f482cc1fec54fcd
47e129f4dd6719d9c26036a487be0d01e6e91929
2c9daa76f17c0f3f7d83fb25f5ba0d9b6938401323734113c0ce074de8afba54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
Size 165 kB (164586 bytes)
Hash dd7c41c814dde7e189be0ee7928daa2e
03050aea7794e47fbe16bb88b9388fff5d1ce971
9387650184262ee77a8187f1263fcfa423714b4146a0b5fd362a37aadcaf8074
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 227864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
Hash 6e48b1bc9768402a0b2e1ab3d072ba87
295869fe0f8e76586724365953a6be38fc45ae9e
fe5c6d2777febd3862375cad70320c254eace7bf3c48128e89d4737ffe4de696
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 20 Jan 2023 05:45:20 GMT
expires: Fri, 20 Jan 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 4422
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ef6fe7988a08e577759332c0eccc5f76
29939e4489df98e76795448d43105764c12d6aae
13798c5e5e75c8ac29aec703c616491c14dbab072fa546afe6ee9f03fabba1b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1&z=811966114
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1&z=811966114
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1&z=811966114 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 06:59:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 406 kB IP 142.250.74.131:0
Size 406 kB (406517 bytes)
Hash 9b8402f0789206a3427c748b7ba7d0a1
c3007b58fd3e663ae28c0c438e7171659054009a
cadb5ae8002a12dd199fdacc61898f5156ab11ae71ff65d0aa24270b05169f36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Fri, 20 Jan 2023 07:50:03 GMT
Date: Fri, 20 Jan 2023 06:59:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Fri, 20 Jan 2023 07:50:03 GMT
Date: Fri, 20 Jan 2023 06:59:02 GMT
Connection: keep-alive
manager.eu.smartlook.cloud/rec/setup-recording/website
35.158.164.123200 OK 70 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP 35.158.164.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 536ea6acc350b7cd088bb192cc72b759
9c01c4c8d9ee1839d8a6f547219baee07a7de63e
ffda52cd15f4fdd13595223661990ed34c1949a66b38d7a2c8fa02a0712a03e9
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://wazamba.com
Content-Length: 122
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://wazamba.com
Access-Control-Expose-Headers: Retry-After
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Fri, 20 Jan 2023 06:59:02 GMT
Retry-After: 3600
sl-trace-id: tw3eLw8RMtWZqX4bTqXs_
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Fri, 20 Jan 2023 07:50:03 GMT
Date: Fri, 20 Jan 2023 06:59:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Fri, 20 Jan 2023 07:50:03 GMT
Date: Fri, 20 Jan 2023 06:59:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F911c2d6f-546b-4343-9ca8-2001dfa99004.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F911c2d6f-546b-4343-9ca8-2001dfa99004.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 363448efae24266acd74f8f0f26205df
6616b8a7804de9eed04210b74d3611b4786b29ef
dcabee58d5ed2010b74a47ee685f52eaa80320b7c989f5cc0ed5421ca9415820
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F911c2d6f-546b-4343-9ca8-2001dfa99004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6612
x-amzn-requestid: f4b99a6b-863d-4b9c-8824-2221613e4a10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQ7EJHIAMFRAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b738-1fa55897727622e46ec102ad;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m3VvfMHSyyRWHJanKUafDZBqffdm_tHvaDf-IYfWukmcptHjV0sr4Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:54 GMT
age: 32228
etag: "6616b8a7804de9eed04210b74d3611b4786b29ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5553b06c7dde4dc377f9f4e65bc8ace7
9dca5486485416d1aef199be08a50abd717addc7
33a5d1a21738218e0a6fe16d79045bd390af2e84073330a0a94c03812e1ba3ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 70710215-b8fd-44eb-8b50-f0948f98366c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQWFNvoAMF3ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b735-19e7e3865ce991cb5447f0f2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fc9dIiT5QQaTowAA6lp8ffJl4Niq3i_iVe54lYhAV52kJ8Q98EMJqQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:58:19 GMT
age: 32443
etag: "9dca5486485416d1aef199be08a50abd717addc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff47c2704-afff-4aed-a5b2-fa29afc12772.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff47c2704-afff-4aed-a5b2-fa29afc12772.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24635ff1303f81940cb99bc20648fd13
aeeaee2d4427eb70ebebe8ae6fa2ae9617102577
c8f55d6e6204d428cf2c5217e59ed84fb1e67e4619651fcaab20de469ef64b6b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff47c2704-afff-4aed-a5b2-fa29afc12772.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4039
x-amzn-requestid: 6ed74fa4-edb8-40d2-b335-5a7a9f967589
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w5OEwLIAMFyxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761d4-68b17f0a4be774950bde0879;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kdpizfsiuCXCFc9bXI3MMoNG14h0g1C21YniGWw8WuluZ_46p_YSYQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 03:29:10 GMT
age: 12592
etag: "aeeaee2d4427eb70ebebe8ae6fa2ae9617102577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.hotjar.com/modules.4829238839b92db7e6b6.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.4829238839b92db7e6b6.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash 33cdf1335ebc1b6d54f0110dc31bd36c
0fb8d71d83bb707ad67943e4fff34423909949dd
7dfc08ff97621de55cfbe9e0235669f54d91ddc83e2d38c5edb69473bc728672
GET /modules.4829238839b92db7e6b6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68627
date: Wed, 18 Jan 2023 10:13:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "33cdf1335ebc1b6d54f0110dc31bd36c"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HlR7uiIra1Pi1tFen7Q9KCffVrcMBMm3l6plhUZjG2yY7OtqHR3iuQ==
age: 161157
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeb5713ea23c36906255e88dc10eadbf
896d92a22f676b5946004feb723b094a8a36e09c
eb75a6fcc83d5134137caa6aa110e284a93149faab9557aea8853f9d63f82bc8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12174
x-amzn-requestid: 79fee0c7-be5a-4467-b351-aeb8a7e7d19f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULMH_noAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-7d7d140511fbcb6063868fd3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fenvyWs_eMj4KsJoKfVuu6tB3GIRW-Ar3tx0IYhl1LC667Jv7OjXRA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 07:27:20 GMT
age: 84702
etag: "896d92a22f676b5946004feb723b094a8a36e09c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3638dc76d0638625ac9a31c038df3a44
deff1903d591273a96d538ae77988d8a080e228c
8382af3843ebeca8e5c13fdd60f7fb92b479915416f36686fce40566fd87ce68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10867
x-amzn-requestid: 8d882e21-d4c5-49ac-b76a-198cec065377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAnVTEfpoAMFgJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b8ee-6579537e6a82269f4bc99395;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9KuaPBC5u3bWYidHridxyj8GEYB79yig6zD9FxGCGwXh6zvs7QokA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:55 GMT
age: 32227
etag: "deff1903d591273a96d538ae77988d8a080e228c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:16 GMT
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
age: 32086
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1i0&_p=437681351&_gaz=1&cid=1631285746.1674197941&ul=en-us&sr=1280x1024&_s=1&sid=1674197941&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3B0B23FDBB6F45A3B37CA16793C95FE1%26clickid%3Dw5jpvhbsntmk7e1m2rrvc4f6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1i0&_p=437681351&_gaz=1&cid=1631285746.1674197941&ul=en-us&sr=1280x1024&_s=1&sid=1674197941&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3B0B23FDBB6F45A3B37CA16793C95FE1%26clickid%3Dw5jpvhbsntmk7e1m2rrvc4f6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1i0&_p=437681351&_gaz=1&cid=1631285746.1674197941&ul=en-us&sr=1280x1024&_s=1&sid=1674197941&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3B0B23FDBB6F45A3B37CA16793C95FE1%26clickid%3Dw5jpvhbsntmk7e1m2rrvc4f6%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 20 Jan 2023 06:59:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
104.16.151.45200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Wed, 04 Jan 2023 20:18:27 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 1528785
accept-ranges: bytes
server: cloudflare
cf-ray: 78c5ecd59f891c16-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
104.16.151.45200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP 104.16.151.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 1440696
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c5ecd5af971c16-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
104.16.151.45200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Wed, 04 Jan 2023 20:53:05 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 1528785
accept-ranges: bytes
server: cloudflare
cf-ray: 78c5ecd5bfa21c16-OSL
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1
64.233.161.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1
IP 64.233.161.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=1631285746.1674197941>m=2oe1i0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 20 Jan 2023 06:59:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
104.16.151.45200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Tue, 10 Jan 2023 05:14:35 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 1528785
accept-ranges: bytes
server: cloudflare
cf-ray: 78c5ecd5bfa51c16-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
104.16.151.45200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP 104.16.151.45:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 26 Jan 2023 03:26:04 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 2960
accept-ranges: bytes
server: cloudflare
cf-ray: 78c5ecd5dfcc1c16-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
104.16.151.45200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP 104.16.151.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 1694781
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c5ecd5efd91c16-OSL
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6IG0Xl8ZkjHJObRJCAWeIpo3Cs_cSO-nk8l_QeqjEt2Ve9drVefiqQ==
age: 161156
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a28da497-76e3-40c5-9a17-5c029726d2da.seondnsresolve.com/
143.204.55.56200 OK 633 B URL HTTP/2 a28da497-76e3-40c5-9a17-5c029726d2da.seondnsresolve.com/
IP 143.204.55.56:0
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash 11a32d4eda2f99f98a34d4343239a839
52d31f1614da19b5de64203ea3d7bf7dd1191385
a2c24e777ff833d948286d2d342dc2d38fed99dcc9a742be56c57be768ecf91d
POST / HTTP/1.1
Host: a28da497-76e3-40c5-9a17-5c029726d2da.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Fri, 20 Jan 2023 06:59:02 GMT
x-amzn-requestid: f99019a5-c4c5-4a36-92c9-39958ff38743
access-control-allow-origin: *
x-amz-apigw-id: fB5ElGBTjoEF28A=
x-amzn-trace-id: Root=1-63ca3bb6-6c4ba3f329b705ba22f086a7;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wBSq9UfGHS4OrRQx2xLvLK_7M1Hf2VP4NDn7Loh0FK6JTXQqAKn_Ug==
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 53 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
File type ASCII text, with very long lines (23416), with no line terminators
Hash 732be347dbd7ccc1f880dd55eb15d436
39abfba612f3fc6b469fbae9bc14b2f87d2f5ce9
8732763cf48ba73bfc5fea27eca2d4b8641d0a558cebd48c3de5665de4095cb5
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:02 GMT
content-type: application/javascript
x-amz-id-2: wgG7/9HV3bQU7I+Ah2oxXUAZdsiNm8K0kv1pWTY+aklOBknmm9BSQ/1PjHsieIHLFxOvYSIc1no=
x-amz-request-id: 8ZFJD0E6K2PJH837
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTzoat55zhZZJTPGe6EMpMQcCdeiCfwt78t%2B5gH75kfNHFGYhffnltDWtuGdksBe%2FHuUx6igj1zrs59MqKugaDj%2F2R35QiXzdP%2BSMTV8m6FD8CDuU85jg3ojXusR1XM7ANCbWPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ecd62ffeb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5204abc42b22edd6adb203871afdaf0b
bbf00677fe644b6d0ec1d3926a0465e9824cab57
0161d8f69e41b77765e84c0be3f662221a9ebf28bf333d625ddaca756105d68d
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 21:07:19 GMT
Expires: Fri, 20 Jan 2023 21:07:19 GMT
ETag: "bbf00677fe644b6d0ec1d3926a0465e9824cab57"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
142.250.74.35200 OK 25 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
IP 142.250.74.35:0
Hash f49eff60a1846802d00a28be367dd577
ebd99a7171881100a6853b6138e11624573f1b40
645b12b6bbac151ae7ec8eb236e44d44c8b3d8464cd87de1c02f2e64de03665c
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 22:06:34 GMT
expires: Thu, 18 Jan 2024 22:06:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/css
age: 118349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
54.236.129.133200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP 54.236.129.133:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 20 Jan 2023 06:59:03 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 227865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 33060
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
Hash 95481f0537cf528d3191e7157de38345
bfb7697a43ff63796d2d0f2399ad17053fd9e029
0164ce99dd9f5cac4cecae9bd7a3226600839a02ebd9d2b6e038f2fd8ef4ac73
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 51500
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:48:55 GMT
expires: Tue, 24 Jan 2023 18:48:55 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 216608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Fri, 20 Jan 2023 06:59:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 06:59:03 GMT
content-length: 20
set-cookie: CxtId=2da09706-158a-456b-99d8-e131ddeafc45; Domain=.connextra.com; Expires=Sun, 19-Jan-2025 06:59:03 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202301200659; Domain=.connextra.com; Expires=Sat, 20-Jan-2024 06:59:03 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
2.18.172.207200 OK 1.4 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 2.18.172.207:0
Hash 15c22fa3b9e634a14ba622ac9ff2d7a5
6f56019686e4a000b3a31524431f813932c5f780
ea1253845c6a1494c5f55d75e22b7b609cbdd5f3a63eb1ea3de10c8d287f5653
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 357 2feb0b5 master cdg-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 20 Jan 2023 06:59:02 GMT
Date: Fri, 20 Jan 2023 06:59:03 GMT
Connection: keep-alive
Set-Cookie: uuid=68a563ca-3bb7-4400-a5c9-d2056aff20a1; domain=.mathtag.com; path=/; expires=Sat, 17-Feb-2024 06:59:03 GMT; SameSite=None; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dbd4b7870ac703a50e1a2829564a3482
ab1ce07af0d509dcfcfdb33a1afeffbc46ab20b2
00532e6a4a5707f18f3e14e5a5fdc51490b1dd21f989e4ec9fd1dc9793aed384
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5568
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 06:59:04 GMT
Last-Modified: Fri, 20 Jan 2023 05:26:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/seg?add=31078906&t=2
37.252.173.215307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 06:59:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: 865534c0-8d57-48dc-ae63-a95af6ac1ce2
Set-Cookie: uuid2=7794153008798567092; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 20-Apr-2023 06:59:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.134.244302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.134.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 20 Jan 2023 06:59:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 357 2feb0b5 master cdg-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=f95163ca-3bb8-4d00-b50e-fb5a2dfda9c4; domain=.mathtag.com; path=/; expires=Sat, 17-Feb-2024 06:59:04 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/f95163ca-3bb8-4d00-b50e-fb5a2dfda9c4
Expires: Fri, 20 Jan 2023 06:59:03 GMT
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
37.252.173.215200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 37.252.173.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 06:59:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 21be7a41-8c73-420c-bbe3-24e78b7a57b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 992b444481185e68618cc5bc7548ad4c
dc7e408e8f15217c934ee0d940db3bf35372f966
2aacd896e3a40decfab32a5f495d17c57319d10c8848b320881dc72814851da7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141951
Date: Fri, 20 Jan 2023 06:59:04 GMT
Etag: "63c9b271-1d7"
Expires: Sat, 21 Jan 2023 22:24:55 GMT
Last-Modified: Thu, 19 Jan 2023 21:13:21 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DMgtOIMVmVuLipXtoXYTZDBkSs_w_2iDtMlfG9ie-wLMZpsP8fsNcQ==
Age: 4294
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
54.228.37.152303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP 54.228.37.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 20 Jan 2023 06:59:04 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 20 Jan 2023 07:09:04 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 50d63952d2ad275377f88b48e9c1e89a
9af9b05e9ab90b4129cdffba9c1384cf29330a34
c1f4a9ae174e30e9de36193695a4de187dd766b8d9d68329bc88de9cad0d6798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 06:59:04 GMT
Etag: "63c9288f-1d7"
Last-Modified: Fri, 20 Jan 2023 06:05:03 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wExX0WqbLCzQxaGMF1jUZvArT2EOW-z_ygiINOhD6i1xHreLcgh3pA==
Age: 3241
match.prod.bidr.io/cookie-sync/geniussports
54.229.240.67303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.229.240.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 20 Jan 2023 06:59:04 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 20 Jan 2023 07:09:04 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=68a563ca-3bb7-4400-a5c9-d2056aff20a1&no_iframe=1&mt_adid=256810&source=mathtag
2.18.172.207200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=68a563ca-3bb7-4400-a5c9-d2056aff20a1&no_iframe=1&mt_adid=256810&source=mathtag
IP 2.18.172.207:0
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=68a563ca-3bb7-4400-a5c9-d2056aff20a1&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 357 2feb0b5 master cdg-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 20 Jan 2023 06:59:03 GMT
Date: Fri, 20 Jan 2023 06:59:04 GMT
Connection: keep-alive
sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
172.67.28.232200 OK 4.7 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
IP 172.67.28.232:0
Hash d97eff6697541b9d737fb64fe248a59f
cb428a35d85161fd6250c079c855608970143246
35919b793b85a11a4c9d9acc6fd43fd6429dda491919c1b5f0eb0fab90b055f6
GET /api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:04 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5ece29cf5fabc-OSL
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
172.67.28.232200 OK 9.3 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
IP 172.67.28.232:0
Hash 5dc75b7d1b87fa2dd4c400e213173775
6178286bcac486855eb7c57504b3bac2a887a74f
bb211bc63a9056b8c1b39c836b16c453a2d708a772f52926dc973a47904de4da
GET /api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:04 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5ece29a21b509-OSL
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
54.228.37.152200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP 54.228.37.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 20 Jan 2023 06:59:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
37.252.173.215200 OK 3.5 kB URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP 37.252.173.215:0
Hash 5f40a190bbb66992cdc6228c987cd778
d04c8d008be2d8995bb3dbd562f0c37d78d585da
7cdf2f509f32741cac7ae61c4891113a5d9da91ae6fa39cf25fb6795d92b8b31
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c861d9f6-c72b-4822-9e17-364f7401936f
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In:m<QRB!]tbP6j2F-XstGt!@E3Z%+1H#; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 20-Apr-2023 06:59:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
54.229.240.67303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 54.229.240.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 20 Jan 2023 06:59:05 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
zz.connextra.com/sync/data/uid/6c883bd680/f95163ca-3bb8-4d00-b50e-fb5a2dfda9c4
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/f95163ca-3bb8-4d00-b50e-fb5a2dfda9c4
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/f95163ca-3bb8-4d00-b50e-fb5a2dfda9c4 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 20 Jan 2023 06:59:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 06:59:05 GMT
content-length: 64
set-cookie: CxtId=078dec99-f26d-4ee2-84db-800977a2ff9f; Domain=.connextra.com; Expires=Sat, 20-Jan-2024 06:59:05 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Cf95163ca-3bb8-4d00-b50e-fb5a2dfda9c4; Domain=.connextra.com; Expires=Sat, 20-Jan-2024 06:59:05 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 1f4cf5752b0d7c01a3aefe7d88057bb5
d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58
f520c40864a0d77d6f4e270055b8fc370fe136b70260d20b8fd75c0d6cb04539
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 22:44:30 GMT
Expires: Fri, 20 Jan 2023 22:44:30 GMT
ETag: "d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 1f4cf5752b0d7c01a3aefe7d88057bb5
d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58
f520c40864a0d77d6f4e270055b8fc370fe136b70260d20b8fd75c0d6cb04539
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 22:44:30 GMT
Expires: Fri, 20 Jan 2023 22:44:30 GMT
ETag: "d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 11 kB URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (31298), with no line terminators
Hash 1ca42745159d5438cdd11637f7544b28
d2e7d2bdb5a424dc9eb5ce279d815856e22ea44b
76c726edada42de0dd6a9fd08d74d987869dff76e36506ee3361f75c3236b3cb
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:05 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"61070eb40c6e84d82373687d498157b0"
x-request-id: 78b3f80e0e7eb4f7-SEA, 78b3f80e0e7eb4f7-SEA
x-runtime: 0.002459
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf53WH8FMwCb0XvT%2Bd1x0luyWUHXGK025nAApAPYSG6qcX2hGUKEfq097%2B%2FdZQp9YgTW%2F0kcj3ke1dCzHG51LrBYH34Rva%2F1JHHwDBc%2BErcPr3%2B6fjVINNNA64EsDmsyJvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ece4e94fb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 1f4cf5752b0d7c01a3aefe7d88057bb5
d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58
f520c40864a0d77d6f4e270055b8fc370fe136b70260d20b8fd75c0d6cb04539
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 22:44:30 GMT
Expires: Fri, 20 Jan 2023 22:44:30 GMT
ETag: "d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=68a563ca-3bb7-4400-a5c9-d2056aff20a1&no_iframe=1&mt_adid=256810&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 357 2feb0b5 master cdg-pixel-x26 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 20 Jan 2023 06:59:04 GMT
Date: Fri, 20 Jan 2023 06:59:05 GMT
Connection: keep-alive
Set-Cookie: uuid=289c63ca-3bb9-4d00-a69a-480ecda21668; domain=.mathtag.com; path=/; expires=Sat, 17-Feb-2024 06:59:05 GMT; SameSite=None; Secure
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Fri, 20 Jan 2023 06:59:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 06:59:05 GMT
content-length: 64
set-cookie: CxtId=b7ac4a9f-60f5-494a-9831-ade7990790f2; Domain=.connextra.com; Expires=Sat, 20-Jan-2024 06:59:05 GMT; Path=/; Secure
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112204 No Content 0 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:05 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:05 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112200 OK 168 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4bb0d8e93664d62c57f559f97ceae40a
590fbdb8542ffc1771c62e09c8b8aaf4b2fc03ff
52b5a77257d63de4bf03810962dda90f839a54b0bc4ce03103e35bd1a60fc151
POST /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 168
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112200 OK 343 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with very long lines (343), with no line terminators
Hash ed6466415bd9c228749ca2f1d0536401
351a7721a22223d56eb393aa3c42f3931bd9f988
589c127437987a330578f8cd7135ede1fb7402cbfea8ae45434dc3e29adb57cb
POST /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 343
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 1f4cf5752b0d7c01a3aefe7d88057bb5
d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58
f520c40864a0d77d6f4e270055b8fc370fe136b70260d20b8fd75c0d6cb04539
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 22:44:30 GMT
Expires: Fri, 20 Jan 2023 22:44:30 GMT
ETag: "d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 1f4cf5752b0d7c01a3aefe7d88057bb5
d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58
f520c40864a0d77d6f4e270055b8fc370fe136b70260d20b8fd75c0d6cb04539
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 06:59:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 22:44:30 GMT
Expires: Fri, 20 Jan 2023 22:44:30 GMT
ETag: "d81341a0cc7de6fe2aa7dfc8ac8ff3e436a63f58"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sb2frontend-altenar2.biahosted.com/api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
172.67.28.232200 OK 2.8 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 172.67.28.232:0
File type JSON data\012- , ASCII text, with very long lines (15463), with no line terminators
Hash 3a8c686f8f0704000e3c40f5fea88757
2ac59f7a6c0f12101bcebf1451feeb9d5d67078a
d96a3f3ad2be44ccdc2d6920615c194c1c42e14903773c00b747005cbd4125bb
GET /api/widget/GetUpcoming?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5ecec3ce1b509-OSL
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:06 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112200 OK 72 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 390406eff768f9cbbffd928bb5cafdb7
618a24b27a6620e8499ac5942ac55e6cfd7fb593
56e2df3addeca698a846301e56be8dda12116c795db1f03ef6242b849be12f43
POST /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 99
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Fri, 20 Jan 2023 06:59:06 GMT
content-type: application/json; charset=utf-8
content-length: 72
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
172.67.28.232200 OK 8.0 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 172.67.28.232:0
File type JSON data\012- , ASCII text, with very long lines (26126), with no line terminators
Hash 803a935152ebd7f69b4abf0f6c3bce4c
108127570ac67925038ea1fc13a1e07156ac75a3
08a2cc00cfdc7d4a018ab819700ca4567955360fe43118dc70f8fe6ed90babe0
GET /api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5eceb7c28b509-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:06 GMT
expires: Wed, 17 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 237001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
54.230.111.42200 OK 68 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 54.230.111.42:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Mon, 02 Jan 2023 16:43:26 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a0fiGOeAyAz6W3pr9Yj3TtuZruvuqf016RcGbXLFzcIpNE0z7b6DEw==
age: 1520142
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/d42b4f828e09b707dba6afc1ee8fe8c1-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
54.230.111.42200 OK 46 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/d42b4f828e09b707dba6afc1ee8fe8c1-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.42:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/d42b4f828e09b707dba6afc1ee8fe8c1-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5e09f482b9b8f-FRA
date: Fri, 20 Jan 2023 06:59:07 GMT
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
x-cache: RefreshHit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SeNrrEKh3rTkDrusWlZnFU0OwS4xgjOBOQRlwzgFbeRcjkXF8wcxRQ==
X-Firefox-Spdy: h2
wazamba.zendesk.com/embeddable/config
104.16.51.111200 OK 411 B URL HTTP/2 wazamba.zendesk.com/embeddable/config
IP 104.16.51.111:0
File type JSON data\012- , ASCII text, with very long lines (716), with no line terminators
Hash 2ea4ce05fd8da5ff3f4982d47d0b33f2
80f408693472163b96e95a63cbb6b35bd28153dc
b6a845e7dc7c567ea51308293285bd760c08ad51765fe3b191a856ea8eaec4ce
GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-55866f4ccc-h7pvx
x-request-id: 78c5ecf3e93eb4f4-ARN
x-runtime: 0.001573
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Fri, 20 Jan 2023 06:52:40 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLWgvE3bEFCRlM8x9F7htWOmcu3H1qMmT1lRKaIhVXZwTOXVJ4Qxodz5G8XBUYiBiApSGroZt3JFPqPSrgR7%2FkmBeTIuBKgPjFBpb9fxg3MonhwA3kB7y3kQMSq9UwYW7WC62SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=2ceea1bc7c79868ad639600405a38d6aedbfbe17-1674197947; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78c5ecf3e93eb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
54.230.111.42200 OK 1.3 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP 54.230.111.42:0
File type ASCII text, with very long lines (3271), with no line terminators
Hash c3863402563159dbd32a4a1e24c30501
f082e946253e4b63c8a35610741f1f0ac72814a8
c9df73f6471653a0e8a46c67d055f79dcf190d8c2d48c1f1965f2fa7a47ee399
GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 20 Jan 2023 06:59:07 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"cc7-jGfsBkEXgamjTq0JruqUZngmmLE"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5ecf3bbab9b7d-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kfDEdozJSswXYxB3L-UQvvJJmghCgeJLrB4-ETF9P6Xy7I9W1kaSnA==
X-Firefox-Spdy: h2
wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OND-LIA&sid=VfB2rNw9RtVOBYigACSi
45.8.107.169200 OK 3 B URL HTTP/2 wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OND-LIA&sid=VfB2rNw9RtVOBYigACSi
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket/?lang=no&EIO=3&transport=polling&t=OND-LIA&sid=VfB2rNw9RtVOBYigACSi HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
Connection: keep-alive
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=d9c0a91395af3b43e0b755e8b3342994; _ga_F5V35L3FQK=GS1.1.1674197941.1.0.1674197941.60.0.0; _ga=GA1.2.1631285746.1674197941; _gid=GA1.2.1198537149.1674197942; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6ImIzOGFjZTM4LWQ2ZjgtNTk0NS04MmI0LWJkYjc5NjYxYjZmMCIsImNyZWF0ZWQiOjE2NzQxOTc5NDE5NDgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6Ijc4NzI4YzZiLTUyZDYtNDI1Mi04N2I1LWZhMDkxY2NiMmQ0MCIsImNyZWF0ZWQiOjE2NzQxOTc5NDQ1MDMsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; io=VfB2rNw9RtVOBYigACSi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 3
access-control-allow-origin: *
set-cookie: io=VfB2rNw9RtVOBYigACSi; Path=/; HttpOnly
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5ecf788c0b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6ImNjM2UzYjU4ZTQ2ODQyNGE5YmZkNTUxNWYxNDJiZjllIiwic3VpZCI6IjFjNGJjZmVkY2IwZDQ5ZWRhOTYxMGQyNTMxOGI4Y2EwIiwidmVyc2lvbiI6ImM3NzJiOTUiLCJ0aW1lc3RhbXAiOiIyMDIzLTAxLTIwVDA2OjU5OjA3Ljc2MVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV8zQjBCMjNGREJCNkY0NUEzQjM3Q0ExNjc5M0M5NUZFMSZjbGlja2lkPXc1anB2aGJzbnRtazdlMW0ycnJ2YzRmNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D
104.16.51.111200 OK 0 B URL HTTP/2 wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6ImNjM2UzYjU4ZTQ2ODQyNGE5YmZkNTUxNWYxNDJiZjllIiwic3VpZCI6IjFjNGJjZmVkY2IwZDQ5ZWRhOTYxMGQyNTMxOGI4Y2EwIiwidmVyc2lvbiI6ImM3NzJiOTUiLCJ0aW1lc3RhbXAiOiIyMDIzLTAxLTIwVDA2OjU5OjA3Ljc2MVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV8zQjBCMjNGREJCNkY0NUEzQjM3Q0ExNjc5M0M5NUZFMSZjbGlja2lkPXc1anB2aGJzbnRtazdlMW0ycnJ2YzRmNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D
IP 104.16.51.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6ImNjM2UzYjU4ZTQ2ODQyNGE5YmZkNTUxNWYxNDJiZjllIiwic3VpZCI6IjFjNGJjZmVkY2IwZDQ5ZWRhOTYxMGQyNTMxOGI4Y2EwIiwidmVyc2lvbiI6ImM3NzJiOTUiLCJ0aW1lc3RhbXAiOiIyMDIzLTAxLTIwVDA2OjU5OjA3Ljc2MVoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vLz9idGFnPTY1ODkxNV8zQjBCMjNGREJCNkY0NUEzQjM3Q0ExNjc5M0M5NUZFMSZjbGlja2lkPXc1anB2aGJzbnRtazdlMW0ycnJ2YzRmNiZNU0lEPTIwNTI3NzAmQklEPTUzOTYifQ%3D%3D HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:08 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 78c5ecf90eb1b4f4-ARN
last-modified: Fri, 20 Jan 2023 06:59:08 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj%2Bs6VBykoODaa68q4GMk5%2FA%2B8SxlKTT5Fv0O9WhiHFFQY9LWsIlGaGGivCvIqw2M6KDJWCr0wZ7gAdhDxUgwLOKPm%2BeOFqP8vdE64G19RU2DAPfM7sYFhor17Z9z%2BKARQIqPfQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=23fdd5cf02111f5c12ce46f8736d01a0c1c2c014-1674197948; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78c5ecf90eb1b4f4-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 16319499771f628e30cc6d8ccfae70ef
e70f8526c2dba42d0eea339a1e05e50213f08d50
96675adf1edb6f8cd39c60383d2b70217be72786c78bfb3e44b4bf63ea25b773
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124005
Date: Fri, 20 Jan 2023 06:59:08 GMT
Etag: "63c97b99-1d7"
Expires: Sat, 21 Jan 2023 17:25:53 GMT
Last-Modified: Thu, 19 Jan 2023 17:19:21 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iCVmQJ7wyMm-a8YHRvPa1xhreRFjUJCkji9KCkELV7f89V94p0gchA==
Age: 392
static.zdassets.com/web_widget/latest/classic/web-widget-classic-c772b95.js
104.18.72.113200 OK 204 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-c772b95.js
IP 104.18.72.113:0
File type ASCII text, with no line terminators
Size 204 kB (203480 bytes)
Hash e12ca0d3df9137e3e71f494c83ad3994
2b6e697f15314fb0dc31c764da91e4a8db3f147d
e56591f79eb572153703027fd5d5607dd9b5e8c75d9fd48f1255e516051b3f54
GET /web_widget/latest/classic/web-widget-classic-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: QQP0x9XbhB5Dk0riyJ2Pf2/hCrkW1LdRrUO0HwYc6FwdVMTj776JL4VVlafER2dB3nfuB+T5WiE=
x-amz-request-id: SMYGN16Y410TVGQ5
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:00 GMT
etag: W/"cd4729daed11132efcc597973fc717b3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:32:59 GMT
x-amz-version-id: 0QaNwqgOUsm.0YUSER1MEc2b.uBhA3aM
cf-cache-status: HIT
age: 189134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXVVKtaKjPdiwiiHlwuhUFXBIiBFS2bA2N6BR6u59Eflt34UlZqTglQDvJrFGOxRuL925cGO1Ir%2FCDxM9JKHKPb7wKXlZg01%2FP2uamQVJPygBRJTr2uvDKgdDNlxYRo1OKgZzXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ecf6cc72b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP 142.250.74.74:0
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
143.204.55.98200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 06:58:38 GMT
cache-control: max-age=60
etag: W/ad8f4f6a25d4a0c8c61f2baadf1b58c8
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YHqa-D04gQtjQrbLbdKHUXoVeqrb2cyIWVnXCk1qjwTwkwc5hfm7Rw==
age: 24
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.123.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.123.175:0
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:01 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 19644666
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78c5eccb5deb0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js
IP 104.18.72.113:0
GET /web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mq7czFgK6QKJS/nFTuwHvLtJrEhiEe7yk5CEfB3+pjYtbQNBEQ6ET7ZWVLgN1sba/JZ6g9VZMd0=
x-amz-request-id: SMYTEQGHD383CCFV
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:30:18 GMT
etag: W/"cf9c6cdd1ca55fd360e7bdc92359938a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:30:17 GMT
x-amz-version-id: sTOcIduw73kbIjRTJdem6uITZKCYLKb7
cf-cache-status: HIT
age: 189135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9srjcX5Kz9uVcZO8rRgPtmQYAN5BQiqVJ3MVNHpCS05bR7P0C1sHGMs5DBXIH2JkyoZCcRjdEc%2FRzpwqLqbVVO%2BSwXkjG9mosvVqZscsq98dVxCQAgYcPYhh0b4OHfCpiOjUA0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ecf2aea8b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP 142.250.74.74:0
GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP 188.114.96.1:0
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lfQSyMfl5FDv_gdFig_llGMw_73yEfPcalep6M8YWplz6gDXPCEe8g==
cf-cache-status: HIT
age: 2284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q27diFKkaqUlSRNc2TfA0qL74TklMfw8%2FAvrNcwQ11u8P0lDG9counioi2zlEsE1q6rG9IOIT%2Bm93%2FhG%2BNv9u8R1O5HtlzNGHRzQQPXn7osKJQovZB06uEzJ4klWn2MAow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c5eccacf24fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
142.250.74.78200 OK 0 B URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP 142.250.74.78:0
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 20 Jan 2023 06:59:01 GMT
expires: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-c772b95.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-c772b95.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-5324-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: scblkZB9uH8C6Q1qVh8Xf3V/zdsc/JTs12pHn2YHBzFCrYonjb5PFr1YZ2puBvqgh67Pe/0djTU=
x-amz-request-id: PSWF8PC52WWY3M9A
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:00 GMT
etag: W/"c640715c3c3469328df6d4a6055a3b4d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:32:59 GMT
x-amz-version-id: IXLUl2rcvVQkUT9QLeRAJkT38pr5eccT
cf-cache-status: HIT
age: 189135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXJjBQbAsY9LBRHPk%2F9LU542HPJY5ooK7ZPHocrEDet0XPVL0wjwbN5G5CpWnwm3336GquPhwTXK0FGVD6lDZhUd3ls1xZj62Zis4M3ZSLZL36GVqVDZzZV5m4ILolIMXtHZ%2FxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ecf71cc6b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
104.16.85.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP 104.16.85.20:0
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:00 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
x-served-by: cache-fra19156-FRA, cache-bma1679-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19646356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuWGqUvOq5V5eCJS%2ByMCKXNgZIkJNDxpef0rPm6Pb%2FaE0WuuQdZaAOprcFg50TenS2QIF2kjjY79v8byFpb3DQfdGkat5HFVNGOPE3RQgtE8n7vMcFT2qbpbGkqIBI79xtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c5eccabc62b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Pacifico&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Pacifico&display=swap
IP 142.250.74.74:0
GET /css2?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 06:59:01 GMT
date: Fri, 20 Jan 2023 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
172.67.28.232200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 172.67.28.232:0
GET /api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c5eceb9c3cb509-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-c772b95.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-c772b95.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-chat-sdk-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: /KCwPdTPZp0xM8RHe2C1+LW9XV074BH0XvHKWyPevDm/QqxZIbADi/JBQLlwZnYnsLS6vFzzOeA=
x-amz-request-id: PSWEX4TFT10J45P5
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:00 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:32:59 GMT
x-amz-version-id: aEYs1oc.wzczz7xGMcMZluWEl0_1Xhh0
cf-cache-status: HIT
age: 189133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tELsj0lmdvDaDfoqi3LY93Ahrv4d40mXG3gb8ZP%2BNE2AnLr5otNZ0LVhuEiGLVsvMy%2Bqt96fy43s8p1lQMU9dEJohYiDnxjYy1SOvuo%2BJGQLGqzJRKAA2puyoG5odGyKxkbfmqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78c5ecf94f72b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /no/?btag=658915_3B0B23FDBB6F45A3B37CA16793C95FE1&clickid=w5jpvhbsntmk7e1m2rrvc4f6&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 06:59:00 GMT
content-type: text/html
cf-ray: 78c5ecc9bc541c02-OSL
age: 121
last-modified: Wed, 18 Jan 2023 14:26:10 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Fri Jan 20 2023 06:56:59 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674197879142
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2