telelight.site/th/2023/3/
302 Found 0 B URL HTTP/1.1 telelight.site/th/2023/3/
IP
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /th/2023/3/ HTTP/1.1
Host: telelight.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 28 Jan 2023 01:59:08 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: http://ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2304
Expires: Sat, 28 Jan 2023 02:37:32 GMT
Date: Sat, 28 Jan 2023 01:59:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Sat, 28 Jan 2023 02:35:41 GMT
Date: Sat, 28 Jan 2023 01:59:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 01:43:03 GMT
content-type: application/json
age: 965
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12130
Expires: Sat, 28 Jan 2023 05:21:18 GMT
Date: Sat, 28 Jan 2023 01:59:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q7hevr+NjpHfC8oReYxiraHxgh4gwmbrDqqW7WAgIjTG+k1tDxLmN7fdC351oD16bLExqgVd/IA=
x-amz-request-id: PK7Z7JSDGF2FB6G1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 01:49:38 GMT
age: 570
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ed_error
200 OK 9.2 kB URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ed_error
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash bdcb06319c9db48437e3d5dbe3f5ad17
8bc2cb42b81a0a5be19bda7410bcde040d2c48bd
022d55d5f732bfda06061a9b4c5c9a717db9bbcf0f3ffcb9bca3018cd81d28d9
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: 19a8e74d85cfe49c3f77620c983a1f43
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 28 Jan 2023 01:59:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Jan 2023 01:59:08 GMT
Content-Length: 9201
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=31b1decb00a94b39a5f938868177de92; expires=Sun, 28 Jan 2024 01:59:08 GMT; path=/
oaidts=1674871148; expires=Sun, 28 Jan 2024 01:59:08 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 01:59:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab744f1fbf03bf793085117f6691a062
f26ee7a876fee3e80c2521374a4c527d55b17e83
fc5b8cb6f5bd7396921cac6bf1bbd6cb41715cdcd19527ae5310e59eafd07928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5B8CB6F5BD7396921CAC6BF1BBD6CB41715CDCD19527AE5310E59EAFD07928"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10526
Expires: Sat, 28 Jan 2023 04:54:34 GMT
Date: Sat, 28 Jan 2023 01:59:08 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=31b1decb00a94b39a5f938868177de92
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=31b1decb00a94b39a5f938868177de92
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=31b1decb00a94b39a5f938868177de92 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ak.lanopoon.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 01:59:08 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=31b1decb00a94b39a5f938868177de92; expires=Sun, 28 Jan 2024 01:59:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash ebb52ae860e35aeb31ba6d5347b8c30f
e8cf327f2307f7da76168a2472137c0b8c45ceab
e5e692eef6fd9c2a4dd9602e3522fd18ec861c80c8f9933b76bec80e50b5c497
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 01:59:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:07:11 GMT
Expires: Thu, 02 Feb 2023 14:07:10 GMT
Etag: "e8cf327f2307f7da76168a2472137c0b8c45ceab"
Cache-Control: max-age=475081,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79062088f95b0b49-OSL
ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
302 Moved Temporarily 0 B URL HTTP/1.1 ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET ADWARE_PUP Win32/Adware.Agent.NSU CnC Activity M2
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 470
Origin: http://ak.lanopoon.net
Connection: keep-alive
Referer: http://ak.lanopoon.net/afu.php?zoneid=5087048&var=5087048&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false
Cookie: OAID=31b1decb00a94b39a5f938868177de92; oaidts=1674871148
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
X-Trace-Id: df145a1b1c2adeb59e81517216edce99
Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.003748&visitor_id=643018804984815977&rdk=rk3
Access-Control-Allow-Origin: http://ak.lanopoon.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Expires: Sat, 28 Jan 2023 01:59:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
Set-Cookie: OAID=31b1decb00a94b39a5f938868177de92; expires=Sun, 28 Jan 2024 01:59:09 GMT; path=/
oaidts=1674871148; expires=Sun, 28 Jan 2024 01:59:09 GMT; path=/
syncedCookie=true; expires=Sat, 04 Feb 2023 01:59:09 GMT; path=/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 01:49:03 GMT
age: 606
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003748&visitor_id=643018804984815977&rdk=rk3
302 Found 0 B URL HTTP/2 voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003748&visitor_id=643018804984815977&rdk=rk3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003748&visitor_id=643018804984815977&rdk=rk3 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 01:59:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=wpl5or2vvura497mi5jp5q5a
pragma: no-cache
set-cookie: 836cb829-7893-4133-b820-74b91c0194cf-v4=iyW4o8FWZPuhbimPI1XcvvfMJsimUi3vx6_kg-vpM1w; Max-Age=86400; Expires=Sun, 29-Jan-2023 01:59:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=kDskeeCFf8TeiTzz4qNFbYnFRuhywUPFnW8GK5jkzLJwot3uwxWhzlM3MT3PWWiCH92i9cachYRgrRGQe1mXDwjWao6%2BIlfGmmCHBPPR7c2KRNHhGlJp0Fzcw5NgDys%2BhzT5i3M0mE3lbiYtSPVjjQ%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 01:59:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15653
Expires: Sat, 28 Jan 2023 06:20:02 GMT
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=wpl5or2vvura497mi5jp5q5a
307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=wpl5or2vvura497mi5jp5q5a
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2052770&bid=5396&clickid=wpl5or2vvura497mi5jp5q5a HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 28 Jan 2023 01:59:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 01:59:09 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674871149472)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C2023128159%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22577481048%7c1%22%7d%5d; domain=.lptrak.com; expires=Mon, 28-Jan-3022 01:59:09 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=44
X-Firefox-Spdy: h2
wazamba100.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
IP
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 28 Jan 2023 01:59:09 GMT
content-length: 0
location: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906208c88f9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eUsPOn7LAlqpkPhAqqjo5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 672kZqHbgZsTlf96Fo/4JMs/eEE=
ocsp.digicert.com/
200 OK 279 B IP
Hash f1ccdb80b832be516997b2a96e46547f
d7a80827a4e87b29ead52a0340570c3626182f19
f8e1f0c396812a9cd0681ce8829f24ed0e982a5273f896dd6a6fff7b666b53a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118532
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:09 GMT
Etag: "63d3ad71-117"
Expires: Sun, 29 Jan 2023 10:54:41 GMT
Last-Modified: Fri, 27 Jan 2023 10:54:41 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7162
Expires: Sat, 28 Jan 2023 03:58:31 GMT
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7162
Expires: Sat, 28 Jan 2023 03:58:31 GMT
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7162
Expires: Sat, 28 Jan 2023 03:58:31 GMT
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7162
Expires: Sat, 28 Jan 2023 03:58:31 GMT
Date: Sat, 28 Jan 2023 01:59:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b7aa725-5968-4227-af9b-77dd57d6a123.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b7aa725-5968-4227-af9b-77dd57d6a123.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856916fa7de25bdb308c04d0ae58180
72abe5101dc03c35399e6e5aab02328c206f480a
9b8c3380c842aa6de358def0d56263bafec61e37bc951a06c06e6953419e2804
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b7aa725-5968-4227-af9b-77dd57d6a123.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6733
x-amzn-requestid: cd0cc842-d109-42b4-9104-0cb48a964794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkGupoAMF3Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-14b754495bb33b0f5f0cd805;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uljLkKCpEyZIyKev_CU76OjxNnvivx2qeLVkR48liHIJx1GwCqPP_A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:12:59 GMT
age: 13570
etag: "72abe5101dc03c35399e6e5aab02328c206f480a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 14543
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 11576
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01d78e0bafdf4cbe227afc503124bc55
e2d21a694342773ccbace4742c4b047e7ce92e1c
3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4641
x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5FJGoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c"
content-type: image/jpeg
age: 14551
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 591edd56-d422-459f-8934-532106be7e90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_quGvkoAMFWQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44644-5bda946b19b8abc54d324bab;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:46:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yAWADPixWRJsEV9OqvunQGhVHlobpluc-VwHlhq1psEwNh_ignw-dQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:03:05 GMT
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
age: 14164
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 10528
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f1ccdb80b832be516997b2a96e46547f
d7a80827a4e87b29ead52a0340570c3626182f19
f8e1f0c396812a9cd0681ce8829f24ed0e982a5273f896dd6a6fff7b666b53a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=118532
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:09 GMT
Etag: "63d3ad71-117"
Expires: Sun, 29 Jan 2023 10:54:41 GMT
Last-Modified: Fri, 27 Jan 2023 10:54:41 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash e49323565051e208f7cbd172dce8c355
036e42fe97d04b991cb7f9b3bdd3ce34a0860216
d6aa3832c4fd9e9128138a2eab69963e705f2c1dd41e4b9446081b43b08260cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5912
Cache-Control: max-age=148204
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Etag: "63d40a42-118"
Expires: Sun, 29 Jan 2023 19:09:14 GMT
Last-Modified: Fri, 27 Jan 2023 17:30:42 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
wazamba.com/joxi/js/boot/dictionary.js?t=1674816726507
200 OK 1.8 kB URL HTTP/2 wazamba.com/joxi/js/boot/dictionary.js?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (2818)
Hash dde5467fe395f6090efdd445f3deeb93
d525413bbd6feeadb7b7a3b690b2f5567d775058
c7981039625b4aa86b6d3e1e20cfa7211ad3f99c7ba3e2602c7403282e8254ca
GET /joxi/js/boot/dictionary.js?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4781
access-control-allow-origin: *
etag: W/"63b6a619-12ad"
last-modified: Thu, 05 Jan 2023 10:27:37 GMT
vary: Accept-Encoding
x-cache-status: MISS
cf-cache-status: HIT
age: 42288
server: cloudflare
cf-ray: 7906208f4829b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
200 OK 39 kB URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP
File type ASCII text, with very long lines (65279)
Hash 5196779319a5cef548e1780f34232e3f
af2f7421244ffad991fab450952b7b74e56ee5be
cb399e95ced851aeb23b1ff0d1782c4e84fbc797bd7c8dcda7fbd35069581f56
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 20317875
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7906208fa8d8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/funid-index.css?t=1674816726507
200 OK 3.7 kB URL HTTP/2 wazamba.com/funid-index.css?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9430), with no line terminators
Hash d85ec4f3b13dc5446d638d157d03dec5
845cfcd71a68e67b00cd0c6ea82f1fb9ee2ef55a
a4c03e00772d98d26a74f9e01c7717710622ad5cb9155dd795339019b55e80aa
GET /funid-index.css?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/css
cf-ray: 7906208f381cb4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-24dd"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=9437
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034793
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP
File type ASCII text, with very long lines (1855)
Hash 52c0ec619250a90e888cb24fe40ca0f4
6b7d0c0b5ccb86931dd1aefb1b571aa3d16be4e6
b3447d57b4482f6fb0d01a1295e958202cce469dac372d876b1ed964a4fcbea2
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 01:59:10 GMT
expires: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
200 OK 40 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1dd40565863f2ae415455e42d42c4b78
baa17234d6315598946be38af807d953720d0e27
cad7e8ebf801cd2644919b76d28ae4d975d145ee376ff37877c0c263690f1fa6
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
x-served-by: cache-fra19156-FRA, cache-bma1679-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20319566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUB7L3Nt0lTw9vGB3e1dZOMm5vdX1aUr8whrALLR0guirCFjNCT1Pd8mSqXxDFyKKgMUw70NtD5KiGLUtnFlrkxbMNJPz9I%2FG6IK%2BjB%2FUzt2ZPRKYhsF%2FUXr3JHKQzB750A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906208facdcb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/_sprite.css?t=1674816726507
200 OK 63 kB URL HTTP/2 wazamba.com/_sprite.css?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash b8a12abc2298439b247c62db667f01df
b9aa4cdcb9c4f90d1ea1ac50b27160fce5df4a71
f54997633a324bf64b5d1312120f9b5d023d0284bceb9c8c7302155231dd0241
GET /_sprite.css?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/css
cf-ray: 7906208f381bb4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-2a944"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034797
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
200 OK 71 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP
File type Unicode text, UTF-8 text, with very long lines (10683)
Hash 56df9705393492e38114b7081a723940
c524c5f04d4af5e28298d71392459272580b7025
db225ca0fd890e073bd1d568aef366739ca9002ebf65d8f0df79efd8503e6771
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 01:59:10 GMT
expires: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 8.4 kB IP
Hash 16b35556146ae5c47081a42302f709b0
a318f4bf1ffe4edd9540e8dc86c81c3fab9559a8
bf1167a908fe11d29cb32b80245bbae3ddef47502868fda77f07d56c8fe20892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 67861
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
200 OK 862 B URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP
Hash 104f8147454a06cdc05c8d1e4b370062
183eaeee2361a8df1908783a869dcc18c1187b97
4278b92d194fe71be19ae0b2e765e66bd6738f332db090ace923c4bb5357828b
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 01:59:10 GMT
date: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP
Hash fdcbb878088fc32f409d13f9a1bfda45
03a7c1a5a5ecd198e4f3f742d07aa847795df0d4
0d3d6dc5b8886e4ad7564d058b8408901f89cfbd062be110179fd9d792917222
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674816726507
200 OK 115 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674816726507
IP
File type ASCII text, with very long lines (64976)
Size 115 kB (115113 bytes)
Hash 405140d9d79daad90d80107220660447
0dd4ad754c6426d6b1c054861ebd18a889fb6fb6
10f6956f69b13a2cbea083ed0416d37415e80f0b44afea4503225933594b0668
GET /altenarWSDK.js?build=1674816726507 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsPPSb1KyuFyfJkDnYEviYGF8gb3Q9jErbm0o99V5gAVfC4CQjD3yst-5FrTd7A2pUKWte2f1J1dfs2budxIQIeAPZHuWuO
x-goog-generation: 1674543702123891
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 115113
x-goog-meta-goog-reserved-file-mtime: 1674543679
content-encoding: gzip
x-goog-hash: crc32c=nmjldg==, md5=QFFA2dedqtkNgBByIGYERw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 115113
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 28 Jan 2023 01:59:10 GMT
expires: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 24 Jan 2023 07:01:42 GMT
etag: "405140d9d79daad90d80107220660447"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wazamba.com/js/require.js?t=1674816726507
200 OK 49 kB URL HTTP/2 wazamba.com/js/require.js?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (22187), with no line terminators
Hash c88a585ab91f2b0adc2629f9ac41cc7a
62ff8a40128cbe009d6f0d0fe39be050b564d4ed
2b9819460f8f6072d40cb0d482add46435ab92fe7c595b207b5f6a45d8cbb092
GET /js/require.js?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: application/javascript
cf-ray: 7906208f482ab4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-56ad"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034793
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1674816726507
200 OK 22 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1674816726507
IP
Hash ab22bfb7e50738828afd8e20460a1ce4
b9331e537ff61179cb3f79ff1b22339c35fafc97
9d1319f025bfb4c3d548231d3ec484675758356cfe49914779dcfb8565d9c470
GET /api/Integration/wazamba?build=1674816726507 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79062092ce3ab523-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP
Hash fdcbb878088fc32f409d13f9a1bfda45
03a7c1a5a5ecd198e4f3f742d07aa847795df0d4
0d3d6dc5b8886e4ad7564d058b8408901f89cfbd062be110179fd9d792917222
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2771)
Hash b3076ab7433f4fa9f8e717b83ba3f9b0
65acfa773288d49b160b824868a94e9b0e728386
726cc5a5bfc3d5ccde8dd2a9a7dc5059a4833c6d6980364d627f1ebac818628d
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16608
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 2
cache-control: must-revalidate, max-age=257
expires: Sat, 28 Jan 2023 02:03:27 GMT
date: Sat, 28 Jan 2023 01:59:10 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash 04da9b971debb2f7cd15b45b030a131f
bb6ff92b10f25c5e8185ebe1e35f9e614aac45b8
ccaf84c80a6fcd5ff4d8011d4c02661cef38001fa9adf87d2d32f97a4a5b4542
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 28 Jan 2023 01:59:10 GMT
date: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7e6bdd5493bae7913b5f1dae90898c01
069427a4c61e09a4e024d113f8a08a74c4b421f7
56aa9c378dea6f8e20f271cd797ce5753c616efe1f63b3b21a8e9afc442b9ab8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Last-Modified: Sat, 28 Jan 2023 00:14:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
200 OK 105 kB URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP
Size 105 kB (104753 bytes)
Hash 71a2bfd8dcff7806a760be4d4792192c
03cf52fb14029f1ba16c649e8bc6f528efd407b7
374a7d59528d03a22ced6fbb6f2e576b3a40ed02077c50491c8bb71142774d64
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 426 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
Size 426 kB (426459 bytes)
Hash 62b66e43b462bdc0589faf2546bb08e6
bcb65e2f3e1427314c2b3a86cbf3cd4e9a65b0dc
48d45819d3de140a6a990ff91c330fbf1f63db0ff64e3853254b1dc27cb8a309
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 01:46:59 GMT
expires: Sat, 28 Jan 2023 03:46:59 GMT
cache-control: public, max-age=7200
age: 732
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wazamba.com/joxi/js/boot/spaceship_wazamba.js?t=1674816726507
200 OK 165 kB URL HTTP/2 wazamba.com/joxi/js/boot/spaceship_wazamba.js?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
Size 165 kB (165193 bytes)
Hash f7f14c001d44e4795e19680f234f620b
c2633c0da4b62cbdcd98180fe81262f1259a4613
b7123267ff0cc4660d5bded87a2649181fa099562f1d14cc51316f24572b93ed
GET /joxi/js/boot/spaceship_wazamba.js?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 13:35:34 GMT
vary: Accept-Encoding
etag: W/"63972e26-14f5"
access-control-allow-origin: *
x-cache-status: HIT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7906208f3821b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1&z=507927894
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1&z=507927894
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1&z=507927894 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 01:59:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VFjYPfscDSYm4MM13Mg1j5DqOY7NzyKGzM8j-AlVoNkGMF7cXRU1bg==
age: 60906
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: max-age=135615
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Etag: "63d3d911-117"
Expires: Sun, 29 Jan 2023 15:39:26 GMT
Last-Modified: Fri, 27 Jan 2023 14:00:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: max-age=135615
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Etag: "63d3d911-117"
Expires: Sun, 29 Jan 2023 15:39:26 GMT
Last-Modified: Fri, 27 Jan 2023 14:00:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Wed, 04 Jan 2023 20:53:05 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 2201994
accept-ranges: bytes
server: cloudflare
cf-ray: 7906209938131c06-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 2113905
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906209928121c06-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 2367990
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906209958181c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129698
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Etag: "63d3d911-117"
Expires: Sun, 29 Jan 2023 14:00:49 GMT
Last-Modified: Fri, 27 Jan 2023 14:00:49 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129698
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Etag: "63d3d911-117"
Expires: Sun, 29 Jan 2023 14:00:49 GMT
Last-Modified: Fri, 27 Jan 2023 14:00:49 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 60 kB IP
File type gzip compressed data, max compression\012- data
Hash d3ca5394f09f9eaf5f48fc61683d1d1d
884caaf0d66bbb227d19aa16b83d01faa1368a07
ba52fa8596ea64f02f3f078460f10b94d3e9c4455679e5d9a081b1948586d782
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Etag: "63d3d911-117"
Server: ECS (amb/6BBE)
Content-Length: 279
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 26 Jan 2023 03:26:04 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 968722
accept-ranges: bytes
server: cloudflare
cf-ray: 7906209988241c06-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Tue, 10 Jan 2023 05:14:35 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2201994
accept-ranges: bytes
server: cloudflare
cf-ray: 79062099882a1c06-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Wed, 04 Jan 2023 20:18:27 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2201994
accept-ranges: bytes
server: cloudflare
cf-ray: 79062099882b1c06-OSL
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=402698239&_gaz=1&cid=1679160009.1674871152&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674871151&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3486F199C6004609A63C1427D2B8D071%26clickid%3Dwpl5or2vvura497mi5jp5q5a%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=402698239&_gaz=1&cid=1679160009.1674871152&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674871151&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3486F199C6004609A63C1427D2B8D071%26clickid%3Dwpl5or2vvura497mi5jp5q5a%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=402698239&_gaz=1&cid=1679160009.1674871152&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674871151&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_3486F199C6004609A63C1427D2B8D071%26clickid%3Dwpl5or2vvura497mi5jp5q5a%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Sat, 28 Jan 2023 01:59:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=1679160009.1674871152>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Sat, 28 Jan 2023 01:59:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 3.7 kB IP
Hash a2703074c109ef622220453438fb0269
6a26c23503652b3b08b81266db542e5f7ed5dcce
358d2f65d270be3cb84c1592e522df21e70d2086c6e6754e9bb4e65e86401e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
200 OK 94 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP
File type ASCII text, with very long lines (23416), with no line terminators
Hash 5d8e551069063453b6f94854130e4fce
9735ed3cad9c1e791c97ee9a8eb70cc335a1fa9a
996ade1d073c4a0b598bd60f4aa8cfff2da11f4412efc46e715994bc4d849142
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: application/javascript
x-amz-id-2: VYKORFZEK8ncQjbBiiAK6oiTYdRdkzwPfaxRM/jinB20cI8N0LqXAF6x6uRMZJVhRKA1YH5Ltb2qBhbqYLdq5g==
x-amz-request-id: EBZ4ZRD66V3TGNXR
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 30
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohiWipN4FtnY4Qc8l4iDx1By9BD2MATY9ic7i9HScCHV9btfFQ6so6Le1%2Bs25zm5In3XN%2FjXfa7t9j98rCeg8o3wx9UrWtCnKLhIW3bZ5MBDxwZ2qWfLbUoSqynGBaH09%2BSQpMk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620996d4d1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash b78fc36c1be0594353f6c424b056e8d1
34c991081b54ee1ccaee9ca584516d45d7414a20
9f97cee35eb611f8c08dbf51dd02de6c1043d55740433fe560fd6ba7452049e6
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:28:20 GMT
Expires: Sat, 28 Jan 2023 21:28:20 GMT
ETag: "34c991081b54ee1ccaee9ca584516d45d7414a20"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 01:59:11 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Sat, 28 Jan 2023 01:59:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 01:59:12 GMT
content-length: 20
set-cookie: CxtId=920ef3b6-8c40-46a9-beb5-2e3ddbe57b55; Domain=.connextra.com; Expires=Mon, 27-Jan-2025 01:59:12 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202301280159; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 01:59:12 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
200 OK 1.4 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP
Hash 9c87215becfdac11b9d7548d1c842ce0
2f5c3ba48a3baefed3413874566300fe3174593d
d7b350e49d93db3592b070c1e227f5a38b5738d320a517d60cab097589595505
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master cdg-pixel-x34 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 01:59:11 GMT
Date: Sat, 28 Jan 2023 01:59:12 GMT
Connection: keep-alive
Set-Cookie: uuid=d4cf63d4-8170-4800-aedf-79926a6b211d; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 01:59:12 GMT; SameSite=None; Secure
ocsp.digicert.com/
200 OK 471 B IP
Hash 3a781ceb35b8e3aea35ce9854296eb48
27ed35b1b329d2422967b62958d28d4a9f8afbf5
d0f1a72b57f1d65b34e9ad00d38118bd9835dd51b437fada8a571078b5cacf0f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4674
Cache-Control: max-age=162464
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:13 GMT
Etag: "63d446cf-1d7"
Expires: Sun, 29 Jan 2023 23:06:57 GMT
Last-Modified: Fri, 27 Jan 2023 21:49:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/seg?add=31078906&t=2
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 01:59:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: 04f2c3ca-3903-4f5b-bc0e-5ea1cd5430bf
Set-Cookie: uuid2=9053523535393065558; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 28-Apr-2023 01:59:13 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 28 Jan 2023 01:59:13 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master cdg-pixel-x35 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=cb4363d4-8171-4200-9734-586f117a2818; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 01:59:13 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/cb4363d4-8171-4200-9734-586f117a2818
Expires: Sat, 28 Jan 2023 01:59:12 GMT
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 01:59:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 326f1a7c-6488-4dee-9b01-4e616116d505
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9dca30eedfac46ba9a042151aef817f9
cdf1a151322e64458e9a368bc83254880bff08af
bd3f869d7dd868b3005e70cf696e437187144ee855f0654d1614e2f45459c948
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123816
Date: Sat, 28 Jan 2023 01:59:13 GMT
Etag: "63d3b492-1d7"
Expires: Sun, 29 Jan 2023 12:22:49 GMT
Last-Modified: Fri, 27 Jan 2023 11:25:06 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oOIVQrqzjrk0I-FK5e6DN3wS5dHkC0flWtdIn53dL4dlvLUPZcNAsw==
Age: 3463
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 003afa10ac3daeb97616319aaf2d2da3
49730b7691ced8c0571f5d80d35b3a1840aa2ee4
cfc0b4b19bc55cc60f48fa34c611d90b37b49fc4787bd7bfa46a2965a2eff1fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 01:59:13 GMT
Last-Modified: Sat, 28 Jan 2023 01:00:25 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aI78XYp_DMIuxHIfvrdX68ZjtbYFMSxA5gmYwPXyQs1psUhAOEqaug==
Age: 3528
match.prod.bidr.io/cookie-sync/geniussports
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 01:59:13 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 28 Jan 2023 02:09:13 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 01:59:13 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 28 Jan 2023 02:09:13 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=d4cf63d4-8170-4800-aedf-79926a6b211d&no_iframe=1&mt_adid=256810&source=mathtag
200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=d4cf63d4-8170-4800-aedf-79926a6b211d&no_iframe=1&mt_adid=256810&source=mathtag
IP
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=d4cf63d4-8170-4800-aedf-79926a6b211d&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master cdg-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 01:59:12 GMT
Date: Sat, 28 Jan 2023 01:59:13 GMT
Connection: keep-alive
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
200 OK 4.3 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 14af74f343fd9b531b6d49368e3b1544
5bac323e18c1bc351433793129dc96606e381608
824145d08163b67c07fd74d7aa344176ffa0657bc6fd446ef1473a88c00c8402
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IeNw-v29mNARh9Qs2oyvOpC4NEzQ6LCPQUlimec6Y_Ylrpwrfsur7Q==
age: 60907
X-Firefox-Spdy: h2
1285b431-9b61-44f5-a12c-2576c020ae2c.seondnsresolve.com/
200 OK 633 B URL HTTP/2 1285b431-9b61-44f5-a12c-2576c020ae2c.seondnsresolve.com/
IP
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash ad678bc80252ccf916d32b9c44262a41
7bde8061956843e9940540878e915728b79ca1fe
847b2219a16ff60bddc70014f534bc105af5a77243c6318094358b19754d2da7
POST / HTTP/1.1
Host: 1285b431-9b61-44f5-a12c-2576c020ae2c.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Sat, 28 Jan 2023 01:59:13 GMT
x-amzn-requestid: d094ba5c-45f4-44c7-95aa-41c0e8c3a407
access-control-allow-origin: *
x-amz-apigw-id: fbkpyHazDoEF0Rw=
x-amzn-trace-id: Root=1-63d48171-1d6dc29a70e1a5ff1b7a6049;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JhAoviRFGi8mKaGQBjRFdmnwjf1SOpb7JxZu9aPVzTkvgaNfyCsWEg==
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
200 OK 9.3 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
IP
Hash 29580928ab5b7563ed2ca62a9b6628c1
3d2eff5b774f0b7409ed485ea0f2fe64c899bf12
1cc59cafa54a3dbae8da92f2fb2cb43e4cabea1adcaf24d0929aba4921fb775a
GET /api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:13 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790620a67cd7b4fa-OSL
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 28 Jan 2023 01:59:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 01:59:13 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
zz.connextra.com/sync/data/uid/6c883bd680/cb4363d4-8171-4200-9734-586f117a2818
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/cb4363d4-8171-4200-9734-586f117a2818
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/cb4363d4-8171-4200-9734-586f117a2818 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sat, 28 Jan 2023 01:59:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 01:59:13 GMT
content-length: 64
set-cookie: CxtId=daaae8e8-12c2-4296-ad68-6f9e432c06d8; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 01:59:13 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Ccb4363d4-8171-4200-9734-586f117a2818; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 01:59:13 GMT; Path=/; Secure
X-Firefox-Spdy: h2
zz.connextra.com/sync/data/uid/508a5e2dd5/
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sat, 28 Jan 2023 01:59:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 01:59:14 GMT
content-length: 64
set-cookie: CxtId=1caedaf6-6794-4480-b236-2583ca510a82; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 01:59:13 GMT; Path=/; Secure
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=d4cf63d4-8170-4800-aedf-79926a6b211d&no_iframe=1&mt_adid=256810&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master cdg-pixel-x34 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 01:59:13 GMT
Date: Sat, 28 Jan 2023 01:59:14 GMT
Connection: keep-alive
Set-Cookie: uuid=739763d4-8172-4600-a1f4-02f51aa7ca3b; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 01:59:14 GMT; SameSite=None; Secure
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
204 No Content 0 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
200 OK 72 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 390406eff768f9cbbffd928bb5cafdb7
618a24b27a6620e8499ac5942ac55e6cfd7fb593
56e2df3addeca698a846301e56be8dda12116c795db1f03ef6242b849be12f43
POST /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 99
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
content-length: 72
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
200 OK 168 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4bb0d8e93664d62c57f559f97ceae40a
590fbdb8542ffc1771c62e09c8b8aaf4b2fc03ff
52b5a77257d63de4bf03810962dda90f839a54b0bc4ce03103e35bd1a60fc151
POST /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
content-length: 168
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
200 OK 343 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP
File type JSON data\012- , ASCII text, with very long lines (343), with no line terminators
Hash ed6466415bd9c228749ca2f1d0536401
351a7721a22223d56eb393aa3c42f3931bd9f988
589c127437987a330578f8cd7135ede1fb7402cbfea8ae45434dc3e29adb57cb
POST /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
content-length: 343
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 01:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
vc.hotjar.io/sessions/2021928?s=0.25&r=0.001463452777332619
204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2021928?s=0.25&r=0.001463452777332619
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2021928?s=0.25&r=0.001463452777332619 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Sat, 28 Jan 2023 01:59:14 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jrn3rzNUqYEhIz4FTGL1VSEytRzEE9o26ofbs-z2kzZ65BRVqsa3Jw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 38b8ebe8184941069c10379b7441a62e
1db1fea07a39f5d4116f97d43b90ee3675990934
c7f3ff1b2755c6b1815e03f6fa16a3134acaa1a0a279e5bf104806fd5f365aae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99435
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 01:59:14 GMT
Etag: "63d362dd-118"
Expires: Sun, 29 Jan 2023 05:36:29 GMT
Last-Modified: Fri, 27 Jan 2023 05:36:29 GMT
Server: nginx
Content-Length: 280
sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
200 OK 46 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
IP
Hash 9c58235c75d5694365edac15a52e2fcd
e4ccd1b8869ada41e0cb77f4e6472933bfe4fb7b
bf2d9a8211a802f5c5375334cd60655c4957e4370983415dae654e7d70d42cca
GET /api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:13 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790620a61989b511-OSL
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7
200 OK 31 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7
IP
Hash 359ced1e7abe5c9167137bca0f5cc692
e1f14a1b1936ec7b936e3871bb2629e4284abbcc
d66b4c1416737d0fa0288e0c1348bca37fa3e4bc506fc1b75634039d0c105816
GET /api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790620abb84bb4fa-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js
200 OK 59 kB URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js
IP
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 01403824f0368833013147679d52a417
e5246e2d03c96c36bf17ee30cdc98cbbeae0dbdd
65f207368dbcb6b7ce86b32c795b38f42d7616c877b974dffc5d7bd126735a75
GET /web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: eqi5IJQsZltOEPYX18LZfa9yHAtGFvEXQO7zmTiGIn0VvD4F0CwBVgdFmBuHSbbKdhbjAWDPQGE=
x-amz-request-id: JT3WC3ZCPKE9H3EG
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:03:21 GMT
etag: W/"6337d08bfec6eec8c5e9f218e1ca6471"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:03:19 GMT
x-amz-version-id: .eV5Z5rLMQLzZziY1JqjOEi.7xRQkb6M
cf-cache-status: HIT
age: 95181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqmvPIyHHvU7o2c41VfgfGDHG83vGx%2F7Za8nUmk4Il8OqAmmhC9%2FNsBQbPixLn%2F%2FoN4rqKqQpbW8LPXBz4MvYokB3WLq0rhmF6FCP6gIeV7bVOdBGSAeuRakLFCcKkVyw4g9AWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620aaba5e1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
200 OK 68 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Mon, 02 Jan 2023 16:43:26 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7ZQaHOCl9J_8T7FNVmmBb5zTMqDtOGUropvvK8-YAB-Nj1eGnqbciw==
age: 2193350
X-Firefox-Spdy: h2
wazamba.com/socket/?lang=no&EIO=3&transport=websocket
101 Switching Protocols 92 B URL HTTP/1.1 wazamba.com/socket/?lang=no&EIO=3&transport=websocket
IP
ASN #209242 Cloudflare London, LLC
Hash bfb27170337d20bc85232134b6bd31a0
89cb09aaef998602acb99bdf77768cddea3fed60
0fbfb0603fc96bf8ea395551e9d94d127162f2719db3d049f12340a6be2ab032
GET /socket/?lang=no&EIO=3&transport=websocket HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: krw/mKGHv0hK+rOuimRcIg==
Connection: keep-alive, Upgrade
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=b2702f63bcf5b135e5b03a59bdf797f2; _ga_F5V35L3FQK=GS1.1.1674871151.1.0.1674871152.59.0.0; _ga=GA1.2.1679160009.1674871152; _gid=GA1.2.687029404.1674871152; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6ImEwMGUwNjJkLTQ3ZTctNTYwMy1iNzUzLTU2NTkzMmJkMWQ4MyIsImNyZWF0ZWQiOjE2NzQ4NzExNTE4ODcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6IjlhZWE0ZjM2LWU1NDUtNGUzNy1iNzhkLTg1YTc4Y2YzMTU0NyIsImNyZWF0ZWQiOjE2NzQ4NzExNTQ1OTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 28 Jan 2023 01:59:15 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v/qFkzpvUPAyR6E1Sy5v+HpLM9o=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790620b02aeab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wazamba.zendesk.com/embeddable/config
200 OK 13 kB URL HTTP/2 wazamba.zendesk.com/embeddable/config
IP
File type JSON data\012- , ASCII text, with very long lines (716), with no line terminators
Hash 96865a48d6e5ce5705472b08eff5afb3
869d1267aa71fb7b9ef2f9cdd80b989dc3f6ecfd
b4033db7e908ee4fbc445e9996c1818250f7c77874e38ce03f4c9c2d9a235bc7
GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:15 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-55866f4ccc-ptmfn
x-request-id: 790620addb1cb51d-DUB
x-runtime: 0.001600
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Sat, 28 Jan 2023 01:55:51 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEnil0OZTXzXykc9NDxniyUNOA7MgtlU6UeE9WgtSZ0sGagm2cbyoRViKdm71cMaRg%2FteOuY5SBHyfWOin%2FufxrRO2Me4KtMRiEF0VnHCPdFd821v3jf6gTwR3HvSy1aYiobd00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=9c2c25a7bc6c7ff4081cb69a84e961368b65e46f-1674871155; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 790620addb1cb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-3789e01.js
200 OK 8.7 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-3789e01.js
IP
File type ASCII text, with very long lines (13518), with no line terminators
Hash 69b9f9e2316b56d88897831bbd51a2eb
7a35e96dbdb0dc4cdf65e54c3cdf432a8ec535ef
0bea28495948541f53ab44f2d1756c980d25e022598f98de6dff72997dde22b0
GET /web_widget/latest/classic/web-widget-classic-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:15 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: eLswCNR3+snNcmV5ZA7Ixw7RaFFn72sxVkOTwb5i9yiZY1h6sRTeKvt92DowGYacQvMhKNBkx/g=
x-amz-request-id: JT3Y1BVRACV79AY6
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"d1e5f0b356064ff6680a59d127c5d617"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: m2N7HE7DqdZwJoIBBUB1awf6lJoYOXK8
cf-cache-status: HIT
age: 95181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKC2QdsTqonb6eH0w%2F0KPfFFcZih5YCt5EfAMqBCjRj0f5iJ8KL8ntOEQsOvDnqpyXrtLOl6r4yViL%2F8WAKlr%2Bta99ESd13yoF5up3DztIC7zTdWfk3ZeZe1aFL0SWHsPkoPJ3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620b26c771c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-3789e01.js
200 OK 194 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-3789e01.js
IP
File type ASCII text, with very long lines (65307)
Size 194 kB (193952 bytes)
Hash abc9a56e333349dc33fbc780f7421888
291a6975bb1aa4d99463f24fec3adfbe1a91948f
6378befccdc9caca7a32e77965b51516dedcac5fb1786b4446b9a1d32fca265b
GET /web_widget/latest/classic/web-widget-8165-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:15 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 3l2QEFjOGn7gb5wcEFZ79CHuLKV6LBOJqsvqW7I3b1li7jGSnO5id5UI8PWsvDT0+Je8O5wuQp0=
x-amz-request-id: NQRJJAQT92KAX1GC
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: XkgxmNKTmDVQU4edOT7cokqmxhL.gbuw
cf-cache-status: HIT
age: 95181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cHRcqiHm%2FtkPV5r21qSIgK0O1rusDvJZfe%2F9nzACYCJ2xRBmFBJElnZ0Qki95U0Npmj%2F8zpd6JddcCapN0mwDqvcpdhhYo3nlyCwh3Pu3HBwbd62lWtW2EyKRFbUypen435UAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620b35cba1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 17d1574f13b37f1b73f645d82da2fbf7
3da8a75d0f03e653d1068d812580d2de0086c76b
f65d7c22fde0079269164c3b1b78ec612c3e84a4181be0dc067e82edf9cdeccf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90182
Date: Sat, 28 Jan 2023 01:59:16 GMT
Etag: "63d33487-1d7"
Expires: Sun, 29 Jan 2023 03:02:18 GMT
Last-Modified: Fri, 27 Jan 2023 02:18:47 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gaKPJDjOUdqk_ktPXXNYoajcKePW62gXwkG52dMK5AB2dOjaIi4UhQ==
Age: 2611
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-3789e01.js
200 OK 52 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-3789e01.js
IP
File type ASCII text, with very long lines (65307)
Hash 01de515d0b2165438b68ff43f7178a78
a5822f99906c1186e00ee72b0b62fedcd860d390
c0527e879b29a10db7ddae7eddf4cc86d3af78e3a6cc32e7c795da44bd6812c4
GET /web_widget/latest/classic/web-widget-chat-sdk-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:16 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 0ZgGA3JH6miO60x+iV4oIGzYcSSrgEETqXHpElm9WEf4+AkLl/9h8tz3a37VriCoG8UCSkz0VtI=
x-amz-request-id: NQRGRC1FM4X7GEDR
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: PEXg4EmT1iygpaMR18z9QrcVS8A_Z3Ep
cf-cache-status: HIT
age: 95181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM84CSgEi13F3Q21gfrBNsd%2B3JUE5L9ziSsucS6oZJGJxupxCn80BmK01UANVoDpLstejzxTxFb0nXcXt%2BDjAIg5lPDWj4z9xlmlUqEwF0PzQSUSrlES4%2BieWbx6ZmjWoMex560%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620b6ad891c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c940c8885425819c74584ac84dbd6be1
a6b8537c3e9a639f3b962de49edf04631155f39f
49825e8c20721fa40ba96fa202fc0805eb0e9b031b477b903b84dbb0ddd67e4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 01:59:16 GMT
Last-Modified: Sat, 28 Jan 2023 00:10:58 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kR3m8Xg3AjIvAbCHcu4YYnt08emPQjz8Px5WFoHTrQg0nzpJLJRWWg==
Age: 6498
widget-mediator.zopim.com/s/W/ws/ycnMxtpoBr0EK9jT/c/1674871156904
101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/ycnMxtpoBr0EK9jT/c/1674871156904
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/ycnMxtpoBr0EK9jT/c/1674871156904 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Eti+q/lV9+ALyXulSy0/wg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 28 Jan 2023 01:59:16 GMT
Connection: upgrade
Set-Cookie: AWSALB=NBmVF90P0Q7RMoNUnFDs/l7TE8pbK3WCr+k05KrE++Sx/65Q50TnZrGx0lAPptx0EIMcWoDW5lye3bD0k8gxJf7EI3dfKNVhX9We/2zcUz3hAUcM99Bh6T8WCZ5d; Expires=Sat, 04 Feb 2023 01:59:16 GMT; Path=/
AWSALBCORS=NBmVF90P0Q7RMoNUnFDs/l7TE8pbK3WCr+k05KrE++Sx/65Q50TnZrGx0lAPptx0EIMcWoDW5lye3bD0k8gxJf7EI3dfKNVhX9We/2zcUz3hAUcM99Bh6T8WCZ5d; Expires=Sat, 04 Feb 2023 01:59:16 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: u4sRvmVQJpwhCWMgm1uJ+VP7xRg=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8744995437fb5a3fa77a14c2e72ac6f
f8ad682561dd204e1193bd6ea1fb7e8eccd51610
76445eced51bce8532ffd0ef6131b5c6d8f38a15267bcad99767795f9191efd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10213
x-amzn-requestid: f95cebd1-4305-4dda-b750-4801a441a6a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkFR5oAMFQQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-59ba391e439557731d323660;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1NYK_m9n3VxzpG0TVuBCrI8hKMNfAfWYC2Jbjr5JpHd4XlzYaQi0Pw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:10 GMT
age: 15006
etag: "f8ad682561dd204e1193bd6ea1fb7e8eccd51610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 940946e65210c717266c3a64751f1b72
f0e66aeef0c72865d565f48b563f66a184b758a9
1d031b8a530a1e6d84d79fae891f023e1ab7646596c00c57d83cfffce1f6fdf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5742
x-amzn-requestid: b22fd8a5-eefc-494e-a304-75b69eef069d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFr2GsdoAMFpqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8318-69b5e7c726fa92134d08c775;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _v22JZf26Ru1GosUney59kegdHWXkI1HT1yLPBZQzNrETZMdos834w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 04:39:18 GMT
age: 76799
etag: "f0e66aeef0c72865d565f48b563f66a184b758a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/vendor.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/vendor.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/vendor.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a0e-26135"
last-modified: Mon, 23 May 2022 08:47:10 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f4833b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/angular182.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/angular182.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/angular182.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a0d-4814e"
last-modified: Mon, 23 May 2022 08:47:09 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f4835b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/christmas-promo/styles.css?t=1674816726507
200 OK 0 B URL HTTP/2 wazamba.com/christmas-promo/styles.css?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
GET /christmas-promo/styles.css?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/css
cf-ray: 7906208f381db4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-a384"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=41860
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034794
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/dvs-page/styles.css?t=1674816726507
200 OK 0 B URL HTTP/2 wazamba.com/dvs-page/styles.css?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
GET /dvs-page/styles.css?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/css
cf-ray: 7906208f381eb4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-2cf5"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=11509
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034802
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"5995a6fcb40e0960b2ec15a1eabdf4d1"
x-request-id: 78fd28b988940afa-ARN, 78fd28b988940afa-ARN
x-runtime: 0.002486
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV26ZaHYcvgbOM55jPduIooSSAZwxIf1meL4yDj4bQeSvdKsPl1E9zzvWY11m6etbzjNamvwhksmn3widG8BB8VQgQwOVdKx24SnK88Gp5jq%2F8v6%2FEpJYQboP53NDBZyXVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620a6bf57b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
200 OK 0 B URL HTTP/2 wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
IP
ASN #209242 Cloudflare London, LLC
GET /no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/html
cf-ray: 7906208e2f5bb4ee-OSL
age: 175
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034744
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/moment.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/moment.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/moment.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a0e-3c80f"
last-modified: Mon, 23 May 2022 08:47:10 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f381fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 28 Jan 2023 01:59:11 GMT
cache-control: max-age=60
etag: W/f30f416d5a303adce647e34dcdc3afa6
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: et0ZqEi_koRsvud7tkzTPvGy2dSean6Kshe6DPKSj9LkqCjxN-EKIg==
age: 27
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Pacifico&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Pacifico&display=swap
IP
GET /css2?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 01:59:10 GMT
date: Sat, 28 Jan 2023 01:59:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/jquery.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/jquery.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/jquery.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a10-4a95f"
last-modified: Mon, 23 May 2022 08:47:12 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f482bb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.c36e00133f2cc8652f50.js
200 OK 0 B URL HTTP/2 rec.smartlook.com/es6/init.c36e00133f2cc8652f50.js
IP
ASN #60068 Datacamp Limited
GET /es6/init.c36e00133f2cc8652f50.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63d3d00f-dbcb"
last-modified: Fri, 27 Jan 2023 13:22:23 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1706362623
server: CDN77-Turbo
x-77-nzt: AblMCQ0Y1cX/8K0AAA
x-77-nzt-ray: c0a4cc28f34a7b856f81d463843ceb06
x-cache: HIT
x-age: 44528
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
wazamba.com/preloader.css?t=1674816726507
200 OK 0 B URL HTTP/2 wazamba.com/preloader.css?t=1674816726507
IP
ASN #209242 Cloudflare London, LLC
GET /preloader.css?t=1674816726507 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: text/css
cf-ray: 7906208f3817b4ee-OSL
access-control-allow-origin: *
age: 175
etag: W/"63d3dabc-604"
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1540
cf-revalidated: Sat Jan 28 2023 01:56:14 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674871034784
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/rx.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/rx.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/rx.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a10-230bc"
last-modified: Mon, 23 May 2022 08:47:12 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f4834b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-3789e01.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-3789e01.js
IP
GET /web_widget/latest/classic/web-widget-5324-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:15 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 5iEbvRNjpo2HmT4W8W8hFe7XYYzerZGVBZIzH0czqdD7jh+Yk56/4A4Nv4FXTOQ5ijvn38d10mg=
x-amz-request-id: NQRPZ93Y070WT5KM
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"a0d9b904197466a0a807d792b0b139b6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: wdUhzTP_PBU4zLulSlUyuH.2qRiLFsd2
cf-cache-status: HIT
age: 95181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mg8unf5QxtGl8JM%2FkDiP%2BHt4KW6VK%2F5cOdN1Qv8fcA6B9xFFnKSvAM1QQ0v9sn5DtAcyqdbFkrsG4Fe%2FJr8VcN0aeMtw12mxzpV%2FW268U7ygID0iizjEzbXEkPge7Ot3D%2BtoqDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620b35cbb1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-3789e01.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-3789e01.js
IP
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:16 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: jfwJvHHzFgjdja4+CPMSOxBkcjcXp795SI8fDTNhhhGYiIrVlnyHYidESYBPHtzkgUtkSQf1rIQ=
x-amz-request-id: NQRHHVX9JX9FQGXW
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:03 GMT
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:02 GMT
x-amz-version-id: o.UUg_NpAHuxy6_PcLSLI7hLSFjsoUT1
cf-cache-status: HIT
age: 95180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2uVvuypLHCg9%2FeGQ7IIQUs2D8zF4ssTC7bH8v4hnIvIiDZe658AhjQT2QI23AY%2F4liHVBcLj8n1L8hB3AqIjyyr8ngbj7nqxwCjh4viTLNPeZ38cL0tVRpBwd4XUJo%2B6%2FlO%2FIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620b63d701c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
200 OK 0 B URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r3vBq8zJ-CY-NYQu_l7H4C5pSplwPeCF8zFIyJyqVW6saqZZag2g2w==
cf-cache-status: HIT
age: 891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXqibOdMyu3Hmvkv2muWkXuNvATKLlnAcR5zemPIJDRzhpd5swUKPNRzJHqyiUIXX3jwoMww77rb%2FtW%2FZiH1I3ZCMFQEtjiKSIu%2Bk2QYHDbJTGqvz%2BFezH%2FpYpAntvDhUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906208fbe8bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/joxi/js/v11.1.13/gsap.js
200 OK 0 B URL HTTP/2 wazamba.com/joxi/js/v11.1.13/gsap.js
IP
ASN #209242 Cloudflare London, LLC
GET /joxi/js/v11.1.13/gsap.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"628b4a0d-2d86f"
last-modified: Mon, 23 May 2022 08:47:09 GMT
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: HIT
age: 2656192
server: cloudflare
cf-ray: 7906208f4832b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-3789e01.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-3789e01.js
IP
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: bWjsovKjRCekYYLQbkX5CJqj4I4RdaBrb2p4amftObEwQibIuAVIZZCi5lDVCSxXoyuK2wNuGfo=
x-amz-request-id: XZJWHCF5Q7CG9GTG
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: PTkQfFoeUt2llEzxwBYnSfB39O35UzsZ
cf-cache-status: HIT
age: 95182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtTWeK73zI5xazBAcRBwJ0lO38bLPbTUtsrkueYs1KK%2BrS460wpu6K8SU2OK7appB5NNDRnIH5W9SkWqqpnWSGnsIBhfiZdJ%2BBTKYnJg5E6DetWoEu5v3FIhuhezbp9vES80vtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 790620c1e8bd1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7
200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7
IP
GET /api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&countryCode=NO&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:14 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790620ab7818b4fa-OSL
X-Firefox-Spdy: h2
wazamba.com/en/api/v2/system/dragon.js
200 OK 0 B URL HTTP/2 wazamba.com/en/api/v2/system/dragon.js
IP
ASN #209242 Cloudflare London, LLC
GET /en/api/v2/system/dragon.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_3486F199C6004609A63C1427D2B8D071&clickid=wpl5or2vvura497mi5jp5q5a&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 01:59:09 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7906208f3828b4ee-OSL
access-control-allow-origin: *
age: 766
expires: 0
last-modified: Sat, 28 Jan 2023 01:46:23 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
access-control-expose-headers: X-Device-Type,X-Device-Name
cf-revalidated: Sat Jan 28 2023 01:46:23 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674870983869
pragma: no-cache
request-id: feapi-9c7248b4-8da8-477b-b260-007d4f1e25d8
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
194.135.87.97
142.250.74.132
37.252.171.52
104.18.70.113
2.18.172.207
37.157.4.25
185.29.134.244
45.8.106.138
54.73.239.30
104.85.191.64