Report - thechance.site/id/wheel2/indosat

Report Overview

Submitted URL
thechance.site/id/wheel2/indosat
IP
212.237.233.86
ASN
#212531 UAB Interneto vizija
Submitted
2023-01-04 22:03:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
pixel.mathtag.com	1199	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	3.6 kB	2.18.172.207
sync.mathtag.com	427	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	641 B	185.29.132.241
voices-kerence.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	863 B	18.193.209.105
wzb-bc-7s.lptrak.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	720 B	1.4 kB	95.101.10.90
sb2widgetsstatic-altenar2.biahosted.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	115 kB	34.120.135.117
logs-01.loggly.com	5969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	291 B	54.236.68.122
match.prod.bidr.io	503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	801 B	627 B	54.76.69.248
wazamba.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	28 kB	45.8.107.169
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
wazamba100.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550 B	385 B	45.8.106.138
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.70.121
faf4c79a-ee58-4629-85e8-c0f96ed9fa7d.seondnsresolve.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	1.2 kB	143.204.55.56
sb2integration-altenar2.biahosted.com	320079	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	9.6 kB	104.22.9.90
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	2.0 kB	185.83.142.19
rec.smartlook.com	17636	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	1.2 kB	185.76.9.24
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	74 kB	216.58.211.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	148 kB	142.250.74.74
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	72 kB	172.217.21.168
thechance.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	740 B	212.237.233.86
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	2.1 kB	104.18.20.226
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	1.2 kB	216.58.207.228
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	777 B	68 kB	54.230.245.231
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	21 kB	142.250.74.14
static.zdassets.com	2154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	10 kB	104.18.70.113
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	681 B	139.45.195.8
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	494 B	32 kB	142.250.74.35
ak.lanopoon.net	167854	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	769 B	2.3 kB	95.101.10.27
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	632 B	54.230.111.39
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	42 kB	34.120.237.76
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	558 B	216.239.34.36
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	52 kB	54.230.111.75
joxi.imgsrcdata.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	361 kB	104.16.152.45
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	70 kB	143.204.55.96
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.1 kB	54.230.245.110
segment.prod.bidr.io	10225	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	929 B	875 B	52.215.107.176
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	37 kB	93.184.220.29
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	39 kB	151.101.129.229
zz.connextra.com	14652	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	29 kB	104.85.191.64
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	3.5 kB	37.157.6.246
wazamba.zendesk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	205 kB	104.16.51.111

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-04 22:02:52	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-04 22:02:52	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-04 22:02:53	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-04 22:02:53	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-04 22:02:54	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-04 22:02:55	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-04	medium	thechance.site/id/wheel2/indosat	Phishing
2023-01-04	medium	thechance.site/id/wheel2/indosat/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (57)

	URL	Size	First Seen	Last Seen
	wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131	438 B	2023-03-08	2023-03-29
Pretty URL wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131 IP 45.8.107.169 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-29 23:27:46 Times Seen14 Hash cc7dd7952dfb1445bf4b0b8fa30b7eee 629fd78baf381c83be1149f304d0d358968d50be a7029307002c4d4596f42a33c246377bf94030a90e87134fa1605d83faa1993c Loading...

	wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131	327 B	2023-03-08	2024-01-03
Pretty URL wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131 IP 45.8.107.169 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2024-01-03 05:30:24 Times Seen74 Hash e7e1896596fc3cb3142e6da9d20d73f8 a7a1fe43a76195394e4db32db92da7681ae3e548 2476c3ed3b81598e3a4867e2ba0df32c4b356783b54c615ad994090770be198b Loading...

	static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11	23 kB	2023-03-07	2023-07-05
Pretty URL static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2023-07-05 14:48:33 Times Seen125 Hash 5cae6ce528dce0c327b2bcbaad459fdb 802aa044d8f09eb89502b5343a1623a5ab0c6c32 c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2 Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js	14 kB	2023-03-09	2023-03-12
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:40:01 Last Seen2023-03-12 18:34:47 Times Seen1 Hash 0b77084bbe255e38dfc0511ed512b1b9 0b1751f636120a500727bcd09ac4488644933276 8cf9835ab8da9dfe9a2eeb14c12a3a1344f9e3bb0fb90bbb343e49454de8892f Loading...

	wazamba.com/joxi/js/boot/spaceship_wazamba.js?t=1672737240953	5.4 kB	2023-03-09	2023-08-03
Pretty URL wazamba.com/joxi/js/boot/spaceship_wazamba.js?t=1672737240953 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:42:52 Last Seen2023-08-03 03:45:06 Times Seen53 Hash 5adb2af3ece56147ac2465cd4e1d3a3f 371325bfe8b0a9db950b3bba55ea06be77a875e7 f222c7ccb99a3f663d45bff261d8890d9de0f04ed501f24900105637198c5ecd Loading...

	www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2	115 kB	2023-03-12	2023-03-12
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:34:05 Last Seen2023-03-12 14:35:26 Times Seen1 Hash a3a6030c8968b4796163eadff2a63a75 a8990c8eb684b9f6265a1503165dc1705fcd7baa be59dbec846a3d3020538a160f2f12f130186fc6f83d97b3f7df2c71108df53b Loading...

	wazamba.com/joxi/js/v11.1.13/vendor.js	156 kB	2023-03-08	2024-04-21
Pretty URL wazamba.com/joxi/js/v11.1.13/vendor.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2024-04-21 15:32:19 Times Seen520 Hash 17500d7c07fd0fa3287a3703718f6fdb 793a482412e19f7a5698129b06e13dd3c9a72f52 cc3d5b0dc495b4ea206930c825d968fd785f4838d0aa81a0656ab70d5a59deca Loading...

	wazamba.com/en/api/v2/system/dragon.js	286 B	2023-03-08	2023-03-13
Pretty URL wazamba.com/en/api/v2/system/dragon.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:25:31 Last Seen2023-03-13 03:48:21 Times Seen1 Hash b66e9dd5e600c3a45664327f46b27f57 e39a1ffbfa04c8d94d02f4d25c4042d3e4c0e178 b7c27bab6978f2f759f2629a822c0c2d72453b523a5d850b8e004ba1742510e9 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MCXZLND	205 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MCXZLND IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:47:52 Times Seen1 Hash 8dfc87f7cc92abb18d54f67e1d37c912 97cec29922dc525e0811dd7a3c7466ba81f6ccfa a751eee8546982bf3c34f4077cf2e76e9b19ed3943c8b21a71ccb012ca003adc Loading...

	static.hotjar.com/c/hotjar-2021928.js?sv=6	8.6 kB	2023-03-12	2023-03-12
Pretty URL static.hotjar.com/c/hotjar-2021928.js?sv=6 IP 54.230.111.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:24 Last Seen2023-03-12 14:30:30 Times Seen1 Hash 9844a72e26e1589e217cd80842a09b5a 03ba21169fc794d5830587b101e09c889e4228b4 7cb9bda93e9fdfe34226e348ddc166189ac10a76dffa99988e2d71b01d30212b Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js	207 kB	2023-03-08	2023-05-05
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:16 Last Seen2023-05-05 09:23:24 Times Seen661 Hash d366c0776c2bacba354d40e564c3d3e6 4d429b667f6483641baf9fef9f915f0f4a03f834 c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 10:33:25 Times Seen37018636 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unpkg.com/swiper@7.4.1/swiper-bundle.min.js	136 kB	2023-03-07	2024-04-18
Pretty URL unpkg.com/swiper@7.4.1/swiper-bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:06 Last Seen2024-04-18 14:40:46 Times Seen1725 Hash 1ed8a578da9d411803b72fa1ed81b2a5 fbd23d0946e1635fc1a6b014727239a06610fddd 8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6 Loading...

	wazamba.com/joxi/js/v11.1.13/rx.js	144 kB	2023-03-08	2023-06-12
Pretty URL wazamba.com/joxi/js/v11.1.13/rx.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-06-12 19:02:15 Times Seen213 Hash 4a79952407c706d3f27322a8675028c3 e19138f9f38dce7108740ca16e431884ce95b26e 63085e6eb16b2150cc6d8fafdcecab09a45da0610d229fab3522990b7cd820f7 Loading...

	rec.smartlook.com/es6/init.bafede3143fc1e311f15.js	55 kB	2023-03-12	2023-03-12
Pretty URL rec.smartlook.com/es6/init.bafede3143fc1e311f15.js IP 185.76.9.24 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:54:04 Last Seen2023-03-12 15:07:42 Times Seen1 Hash 93d7dfbe4ffa071958cb1e3ff23712d0 e16bc3b3fe810f1f8431b4bbd1b00b3bb81a4fd7 ba49f6bf88e19959361ffaabe6160cb049b54c28f89576dfaf15d60480aff284 Loading...

	track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid	73 B	2023-03-07	2023-05-03
Pretty URL track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid IP 37.157.6.246 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:34 Last Seen2023-05-03 19:13:45 Times Seen118 Hash df7d49975fb5cdddf287dd8055176197 d2473ad18963e54a6ed4a6f13785ad4d2997aedf 5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv&co=aHR0cHM6Ly93YXphbWJhLmNvbTo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g42yihtjox6u	35 kB	2023-03-12	2023-03-12
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv&co=aHR0cHM6Ly93YXphbWJhLmNvbTo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g42yihtjox6u IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:30:30 Times Seen1 Hash 17ffd9fb46deb178abfac05417c12504 497a489e7d8e26deedbb0576d15d4b535dc24ed1 caed09a522e427272b64698ac94892276e5fe37fbd23ff78aed48881355bffd6 Loading...

	wazamba.com/joxi/js/v2/iban.js	7.5 kB	2023-03-08	2024-04-21
Pretty URL wazamba.com/joxi/js/v2/iban.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2024-04-21 15:32:19 Times Seen400 Hash 936ccf0f375ac1db8cbc6843f372fdf2 01b318d364ac61261174453c068d7bf7e190e375 da857007bc6a2bb991e782602d7f180aedbebe97346e293fa7efe8a33ddceca4 Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js	679 kB	2023-03-08	2023-03-29
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:59:33 Last Seen2023-03-29 23:39:42 Times Seen171 Hash d519ea27f763cb6ec80aeec5b45213a7 25687d177681946b231273ea572440fcc1d09465 dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a Loading...

	wazamba.com/joxi/js/v11.1.13/jquery.js	306 kB	2023-03-08	2024-01-14
Pretty URL wazamba.com/joxi/js/v11.1.13/jquery.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:58:13 Last Seen2024-01-14 21:25:44 Times Seen465 Hash 0d0d9e75eb2d8c52f3aaa0af37a4ee12 b5aaa6269a3931e59c1b68880cab9790de9e507d 94e0435e4c7b7c88a86cd38b754aaed55f92906a9709ebfa66f32ab80e0777ca Loading...

	wazamba.com/joxi/js/v11.1.13/angular182.js	295 kB	2023-03-08	2023-06-12
Pretty URL wazamba.com/joxi/js/v11.1.13/angular182.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:13:41 Last Seen2023-06-12 19:02:15 Times Seen158 Hash 3ada2532198b7702dc7f98bc04b4bcf3 493836780f611bc25fd7365897ae25b12ffb80fc 870046e184063195fff50e88e1171c8ab84dd9bd0dba6fff69dd02d8fd74b1e7 Loading...

	wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131	357 B	2023-03-08	2023-03-29
Pretty URL wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131 IP 45.8.107.169 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-29 23:27:46 Times Seen14 Hash e6e70a3c4b29d44a5c63433288da89b1 7a423b6413588f70f78b067b36bb7fbab903b777 f63aad16cbc79ea46e2041fd77e31ceb40f0ef7273b747d47e06d38349d89290 Loading...

	rec.smartlook.com/recorder.js	3.1 kB	2023-03-12	2023-03-12
Pretty URL rec.smartlook.com/recorder.js IP 185.76.9.24 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:54:04 Last Seen2023-03-12 15:07:42 Times Seen1 Hash 9c53a1e3cd5f4d29d58a66c7c767bcb2 ec286c42f857c5e6a45cdd61afe2269402edad11 8d20e992c37179d2f4155bd522d5b8504b7aeedb34d33068b03e288ee9c20bde Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js	504 kB	2023-03-09	2023-03-12
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:40:01 Last Seen2023-03-12 18:34:47 Times Seen1 Hash c296a94da281fc44d57ec8f4e4cfb0fa a52f14e668ce5f66838e3578c03b738b9a000b86 217a6c6c8470831abbd71e72221d471f4bdc16787537a206d2fb69fa43a60238 Loading...

	ak.lanopoon.net/4/5087048?var=ed_error	929 B	2023-03-12	2023-03-12
Pretty URL ak.lanopoon.net/4/5087048?var=ed_error IP 95.101.10.27 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:30:30 Times Seen1 Hash 26cd7d7311ddce93c5f7427f96ff7049 d69575980457c30cfe579a6be0997141a7975cbb bac82558882ca2b40abe6d2ad000fdcb7710ced367abd41629b4133664db3615 Loading...

	wazamba.com/js/module.js?t=1672737240953	7.2 kB	2023-03-08	2023-03-14
Pretty URL wazamba.com/js/module.js?t=1672737240953 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-14 03:53:20 Times Seen1 Hash 1a06aac7cea1e51c7bad7dba3feadb7d 8180f2767b1e8098aa499f41d81dece627813a7b 95b828933c3326cbafa6bcc414bbec275e90e622757d37d2a70fa260f5f73bc9 Loading...

	www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js	413 kB	2023-03-09	2023-05-14
Pretty URL www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:01:54 Last Seen2023-05-14 04:54:45 Times Seen14 Hash 9766c890a2a7ca24558a3029fc4f9433 fbaeb9bb4481486ba863e612da0b883647fad54b a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11 Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js	208 B	2023-03-07	2023-05-05
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:20 Last Seen2023-05-05 09:23:23 Times Seen312 Hash 659635f5ad1b6653645380f46aa42236 05b8901aa2dff5f67251c9cf655953080177a2d6 53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407 Loading...

	sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1672737240953	13 kB	2023-03-09	2023-09-26
Pretty URL sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1672737240953 IP 104.22.9.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:10:54 Last Seen2023-09-26 09:35:21 Times Seen50 Hash cec1cfff96ca7fdfa4def847e8cc33f9 e1d86977d125c835ca772cd9bb81deedab75abe6 5185d11d4e5853089f2edc4cf1302edb0344e98fec601c3762161453153d780d Loading...

	www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv	884 B	2023-03-09	2023-03-12
Pretty URL www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:04:46 Last Seen2023-03-12 14:59:01 Times Seen1 Hash 70a29de2e07c6a4009343d1b4c3b9212 9f558620327a85482efa935970481e92c409c1b1 0210536bcbfb88f6c778df093f2c458c3e170fb5bda4de2ac72f5b1e40e38872 Loading...

	www.googletagmanager.com/gtag/js?id=G-F5V35L3FQK&l=dataLayer&cx=c	212 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-F5V35L3FQK&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:24 Last Seen2023-03-12 14:30:30 Times Seen1 Hash f3a7ba9d8fb0b3e9687fcdaca4f3707d 3b007d2d6ae898bf617a777ac44eaba91cf443a5 fd73841711ec8b5fc50844ceb4200cccacabdc17218171d9cf577f6c3c92ccc0 Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js	38 kB	2023-03-08	2023-03-13
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js IP 54.230.245.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-13 07:12:58 Times Seen1 Hash 7f4d3e7149cec9d4cef65539f7c767f3 6e3d447c6834967ccc335aa55a3cb849c648ffa5 b0465392ae22806156f2bd6d3569ce6397c0cfc2b5bb1cdc1c60ed6c05f4c79a Loading...

	wazamba.com/socket/socket.io.js	69 kB	2023-03-07	2024-04-21
Pretty URL wazamba.com/socket/socket.io.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:41 Last Seen2024-04-21 08:27:45 Times Seen415 Hash 2316d5f067a1f861d2565a592376fea3 a6560c8aed6fc7350e2ca96fcd98211bc18fc235 6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa Loading...

	pixel.mathtag.com/sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag	643 B	2023-03-07	2023-03-17
Pretty URL pixel.mathtag.com/sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag IP 2.18.172.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:42 Last Seen2023-03-17 12:46:46 Times Seen1 Hash dc6f1789f9271ac721dd1a4c46029089 5321f3beb6309a3a8d1cffc3314638418891f78c 4c0963c4a64be36b64d44218fc19d45763a6e8b122ce4085d07e020424e458ef Loading...

	static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js	26 kB	2023-03-07	2023-03-17
Pretty URL static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2023-03-17 12:46:35 Times Seen1 Hash 10d9a30eac6ed106c66673278428cd9d 2d6510b70e1ffdd89ba91f64ab6e5f2072167831 94e4c3b6896b0a02d7f59fec061ad80600f4487a0003effb51ac476ab964f0de Loading...

	wazamba.com/js/require.js?t=1672737240953	22 kB	2023-03-12	2023-03-12
Pretty URL wazamba.com/js/require.js?t=1672737240953 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:34:05 Last Seen2023-03-12 14:59:01 Times Seen1 Hash 2beafd93aa845d557ad3c07de97ee9d6 70c9d6bf8de69c77ef21c910448b569a32d43e17 616caf624c4bf10e6f7cc67bb2bc270a63fb2ceb72092483a8636ed36f301a9a Loading...

	b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js	3.2 kB	2023-03-12	2023-03-12
Pretty URL b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:30:30 Times Seen1 Hash c7b8c1e43c09dfd99264dcd527f1f9d2 acd5a73766a2466956db7e3ad3b217a18096bf26 aaea75a4ee42004628e6ee743969ec6978448a999045e9483fcaedc857ee7ae0 Loading...

	wazamba.com/joxi/js/boot/dictionary.js?t=1672737240953	2.9 kB	2023-03-10	2023-03-12
Pretty URL wazamba.com/joxi/js/boot/dictionary.js?t=1672737240953 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:37:20 Last Seen2023-03-12 17:42:35 Times Seen1 Hash 8e9987581dacf1b6d61efe2084099fe2 17e9676133bde98ef3626635d6e0bdb2f5df49e4 977245b117de74471f337b56f6d12421969d278677f36e4c732bf0fbba8edae9 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv&co=aHR0cHM6Ly93YXphbWJhLmNvbTo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g42yihtjox6u	69 B	2023-03-07	2024-04-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv&co=aHR0cHM6Ly93YXphbWJhLmNvbTo0NDM.&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g42yihtjox6u IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-23 09:19:52 Times Seen99246 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	wazamba.com/templates.js?t=1672737240953	575 kB	2023-03-12	2023-03-12
Pretty URL wazamba.com/templates.js?t=1672737240953 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:34:05 Last Seen2023-03-12 14:59:01 Times Seen1 Hash 1944931b06b932add357ac497a442150 710727cb0bae075d9dc00db1c966c07c3de8a557 218c7903e0ccb328b0423bf8c2174e210a24109e1d2c344484b67d9b21857d34 Loading...

	wazamba.com/joxi/js/crab/sdk/launch.v2.js?t=1672869771604	1.5 kB	2023-03-10	2023-03-13
Pretty URL wazamba.com/joxi/js/crab/sdk/launch.v2.js?t=1672869771604 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 03:24:50 Last Seen2023-03-13 00:47:04 Times Seen1 Hash 9fe82b512eaafcadf405b4e73da74d49 35444b38108d3015fe046321f45654afaed3df38 0d5e9d04cebfd9c777a22dd3285042a690fec8bdcb136351b95120c4d167728e Loading...

	zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage	47 kB	2023-03-08	2023-03-29
Pretty URL zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage IP 104.85.191.64 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-29 23:27:46 Times Seen14 Hash 84d7885e26f63ff6247e2b06ef1c38e1 8ec1161ad104141fe300ee452a84aa14267ddebf 5d56a8db893e67214c5f05276bea18bf684b7a62f108c7fdaec1101987a8b78a Loading...

	pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=	1.5 kB	2023-03-12	2023-03-12
Pretty URL pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= IP 2.18.172.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:30:30 Times Seen1 Hash 5a60620cf777f8aedb92adbfe7f052b8 b323c6138e81239e74b9586a978598f3c8a13a18 e9ac0233c48a17fc75659f04dde3687825ac06bd2d8967193e798e024f59fba4 Loading...

	cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js	147 kB	2023-03-08	2023-08-16
Pretty URL cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:25:23 Last Seen2023-08-16 22:43:19 Times Seen171 Hash c7f58ffb3382c703e7a844c56c1e7bd2 f0b8dbe7c7d37227fdb8de965f5922da95c8466d 6d40a68ee2c7db0c92336d4b020a40430e1989090120d33984db6d4df5b9a855 Loading...

	wazamba.com/joxi/js/v11.1.13/gsap.js	186 kB	2023-03-08	2023-06-12
Pretty URL wazamba.com/joxi/js/v11.1.13/gsap.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:11:30 Last Seen2023-06-12 19:02:15 Times Seen85 Hash a1eae9541beabd6dfece705abb29e055 1fcd8817929f30a006f0972b4cfed114cc54317a ec8dcb2fbf6d3e6e2fb1f73b472a3835abacbc457b5aae2e12e7169d6e6614e8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1d8533a4fb344159c56557e4adea0c82	16 kB	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 1d8533a4fb344159c56557e4adea0c82 866ad1804bc5f2cd4cd95e73a0684b33b70a13d1 b2114ca8069486d06bb9a9a5f5547e7cfe4fe5ef5447857d285247e2d41bf138 Loading...

	#2 Eval - f17da402be637e58f3ed8aa5c2d3e204	15 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 14:30:30 Last Seen2023-03-12 14:30:30 Times Seen1 Hash f17da402be637e58f3ed8aa5c2d3e204 b42750856d88ed8ce5450ad36585a75a5670a788 e0d1eba29d825e4b2dfa64ac11167abe3ae52cb3609f676f2735e09ab6b49e98 Loading...

	#3 Eval - ce82b9c5e2dee28e0b0886f8c5ba6ebd	79 B	2023-03-08	2024-04-21
Pretty Observations First Seen2023-03-08 22:11:30 Last Seen2024-04-21 15:32:19 Times Seen372 Hash ce82b9c5e2dee28e0b0886f8c5ba6ebd d2a87d147ef58e7e13da37d4196f4d36c0507566 7fa48c8b9bc44b31ad198428298922bbb7f6d9025e4219548f7db88ce37cce2d Loading...

	#4 Eval - 9027de80c706edfca79202845a6c7552	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 9027de80c706edfca79202845a6c7552 2c1e881e00159b49b7b241bd17f93c1788773d2a 77363f7986be93a204a91ba121d26532ec35e7bc651b2cbd5ebf69096ed33f78 Loading...

	#5 Eval - d276a813167b497c4a90d8fd4821c67b	64 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash d276a813167b497c4a90d8fd4821c67b 49c6aeaf4992e439e2b89ff75e95f90c685fb815 115c2cd05cb70229863899ca2e056679642ce900998f36d057f93d4c40332a56 Loading...

	#6 Eval - 3546a3cbd082296d178d798889142a9d	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 3546a3cbd082296d178d798889142a9d 79a87def07861d9335bd36a9f5a15e653acf882e 394d9c39a1fb60f7b8bc78d73d3bfde8cba8a5e839a15101f37fe539d8983623 Loading...

		Size	First Seen	Last Seen
	#1 Write - cda5be5e8dbddacf3f49dfdaf2aa0783	172 B	2023-03-08	2023-03-29
Pretty Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-29 23:27:46 Times Seen14 Hash cda5be5e8dbddacf3f49dfdaf2aa0783 8c8d684a4b00ce772da5645d39b2a12556c599a8 3995b0be2aa43760a90c5714f26da1f6c33d9d7a5130eb9aee1d534af9cf469a Loading...

	#2 Write - af918ebb1eb182b5a0d5cebbf2a0c12e	228 B	2023-03-08	2023-03-29
Pretty Observations First Seen2023-03-08 22:11:30 Last Seen2023-03-29 23:27:46 Times Seen14 Hash af918ebb1eb182b5a0d5cebbf2a0c12e 90d68de49cb948346d4c9164071a56ede3714ca0 e386c5030ef24d51c8b38274cd25f206765fff7328222a64ec2b8c03fa6a185c Loading...

	#3 Write - 605fc91cfccf4e72af0c38051ece7c72	147 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:28:42 Last Seen2023-05-06 00:11:34 Times Seen79 Hash 605fc91cfccf4e72af0c38051ece7c72 f001853e5f4efdaca5e86af7bb73a818f519f05c d9a659e344fc1b019f5857ebabb9f774aaf9dc6541e725593412c3a5fc9b068b Loading...

	#4 Write - fc1be604b162de892a149b40fbbeed0b	226 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:28:42 Last Seen2023-05-06 00:11:34 Times Seen89 Hash fc1be604b162de892a149b40fbbeed0b 73a73ccb81fb66bd2b49936e2d85cf7a49031adc 6303ed4a7c8859b4def4e26273466612559fa8a79269a5586b8471a3c27a63f5 Loading...

	#5 Write - be697b6dfc757d76713a72a0aced3741	190 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-06 00:11:34 Times Seen161 Hash be697b6dfc757d76713a72a0aced3741 6ebc97158e27218a733b71e28bab1d52c30c2afb 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1 Loading...

HTTP Transactions (106)

URL IP Response Size

thechance.site/id/wheel2/indosat

212.237.233.86

301 Moved Permanently

248 B

URL HTTP/1.1
thechance.site/id/wheel2/indosat
IP
212.237.233.86:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
fbf6822e27a50aedb6ff60f2113d6e65
d9d4fd34c698a20f1a035a992d4be8d4f92e5f3a
009eac9797ffeeaf8f2a881beb5f8eb85bc1187dbee8d314b09e5b542ef248b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /id/wheel2/indosat HTTP/1.1
Host: thechance.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 04 Jan 2023 22:02:58 GMT
Server: Apache
Location: http://thechance.site/id/wheel2/indosat/
Content-Length: 248
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11396
Expires: Thu, 05 Jan 2023 01:12:54 GMT
Date: Wed, 04 Jan 2023 22:02:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4848
Expires: Wed, 04 Jan 2023 23:23:46 GMT
Date: Wed, 04 Jan 2023 22:02:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7903
Expires: Thu, 05 Jan 2023 00:14:41 GMT
Date: Wed, 04 Jan 2023 22:02:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 21:36:23 GMT
content-type: application/json
age: 1595
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: J2NAU/I3kBc4yrqojHnSB1vV7PE08EFDa3stY+GbAl29M4s7LfoN4xikTdQ6NfIQOvONvxdwxIqiGxVgZCa55A==
x-amz-request-id: DXZDASHPZW2EQAD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 21:59:17 GMT
age: 221
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

thechance.site/id/wheel2/indosat/

212.237.233.86

302 Found

0 B

URL HTTP/1.1
thechance.site/id/wheel2/indosat/
IP
212.237.233.86:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /id/wheel2/indosat/ HTTP/1.1
Host: thechance.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 04 Jan 2023 22:02:58 GMT
Server: Apache
Location: //ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 22:02:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ak.lanopoon.net/4/5087048?var=ed_error

95.101.10.27

200 OK

927 B

URL HTTP/1.1
ak.lanopoon.net/4/5087048?var=ed_error
IP
95.101.10.27:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481)
Size
927 B (927 bytes)
Hash
7d44679823d09c13040988bf739231a7
76a5a583afa6f7323233d021fc94ed9ebbb9bbcb
d9d119b9f3100cfb86c4a7b5974503f2182eaa22b80c0953c6e85201360cdc96

HTTP Headers

GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=67a38f6d1c914f5a85c70c792b4cae0a; oaidts=1672869577
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: 05ae41c47b88116f8e54637f843516df
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 04 Jan 2023 22:02:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 04 Jan 2023 22:02:58 GMT
Content-Length: 927
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=67a38f6d1c914f5a85c70c792b4cae0a; expires=Thu, 04 Jan 2024 22:02:58 GMT; path=/
oaidts=1672869577; expires=Thu, 04 Jan 2024 22:02:58 GMT; path=/

voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003727&visitor_id=634624451711078501&rdk=rk1

18.193.209.105

302 Found

0 B

URL HTTP/2
voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003727&visitor_id=634624451711078501&rdk=rk1
IP
18.193.209.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003727&visitor_id=634624451711078501&rdk=rk1 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=CO82wac0AmrpU6kwkkdfoGPzlMinV3xCUjf9wgz3dq8; cc-v4=m4YZejGiiZDI2BhTNiAT16pwDw0Fhi8P6RXZKs7e9lHH69SiuSh%2BxjN6svDPk91tFzrtbOfv6hTChDyPC7SGGglGkF5SoPgQOhE8UcVdhjoRCITT00pp5L2NsVQRTe6u6r3b7jgxppIZ4f5jo0m%2BnA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 04 Jan 2023 22:02:59 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=waor4r4i2dactull2ekt3bdc
pragma: no-cache
set-cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=tBjuhAJ5pO-7ltdwma4xpmfX-TaF4a6IYgYd6DsS-8Q; Max-Age=86400; Expires=Thu, 05-Jan-2023 22:02:59 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=yJyfAsYCEN%2FwWyeZXczqsIZa50iTlFfOZPSHcBQZWDeZW1SpGjwlfQMXoNelo07hzOOaApYURB6vEOhPR1gyFJ%2BApwwkKAnyJ6%2BvSXx9TSvM%2BkAQOVbMNgeV%2FfhSx5jr6OF724S4R4eXJounIlhs6Q%3D%3D; Max-Age=31536000; Expires=Thu, 04-Jan-2024 22:02:59 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
631e8c7c595491975010d5f58e1fe35f
2a7ffcd480377c4fe4aa2fc34c9f2361bcf64173
43cfdbcae84f5c45c484f4f9c4f009f643d69b2c58b38f192670d84fc275d4e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43CFDBCAE84F5C45C484F4F9C4F009F643D69B2C58B38F192670D84FC275D4E7"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4096
Expires: Wed, 04 Jan 2023 23:11:15 GMT
Date: Wed, 04 Jan 2023 22:02:59 GMT
Connection: keep-alive

my.rtmark.net/img.gif?f=merge&userId=67a38f6d1c914f5a85c70c792b4cae0a

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=67a38f6d1c914f5a85c70c792b4cae0a
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=67a38f6d1c914f5a85c70c792b4cae0a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Cookie: ID=67a38f6d1c914f5a85c70c792b4cae0a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 22:02:59 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=67a38f6d1c914f5a85c70c792b4cae0a; expires=Thu, 04 Jan 2024 22:02:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ak.lanopoon.net/favicon.ico

95.101.10.27

204 No Content

0 B

URL HTTP/1.1
ak.lanopoon.net/favicon.ico
IP
95.101.10.27:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=67a38f6d1c914f5a85c70c792b4cae0a; oaidts=1672869577

HTTP/1.1 204 No Content
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=2592000
Date: Wed, 04 Jan 2023 22:02:59 GMT
Connection: keep-alive

wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=waor4r4i2dactull2ekt3bdc

95.101.10.90

307 Temporary Redirect

0 B

URL HTTP/2
wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=waor4r4i2dactull2ekt3bdc
IP
95.101.10.90:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=waor4r4i2dactull2ekt3bdc HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1672869577670)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C2023142159%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 04 Jan 2023 22:02:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 04 Jan 2023 22:02:59 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1672869577670)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C2023142159%22%7d%2c%7b%22PID%22%3a1360468%2c%22BID%22%3a9131%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1672869779472)%5c%2f%22%2c%22CookieTag%22%3a%2291311360468451240919C202314222%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22568630379%7c1%22%7d%5d; domain=.lptrak.com; expires=Fri, 04-Jan-3022 22:02:59 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=41
X-Firefox-Spdy: h2

wazamba100.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131

45.8.106.138

301 Moved Permanently

0 B

URL HTTP/2
wazamba100.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
IP
45.8.106.138:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Wed, 04 Jan 2023 22:02:59 GMT
content-length: 0
location: https://wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
vary: Accept-Encoding
server: cloudflare
cf-ray: 784742fa79beb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 21:08:11 GMT
age: 3288
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:02:59 GMT
Last-Modified: Wed, 04 Jan 2023 20:33:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1b242494a84974a1d863369f1040903d
8aea8d813b7baf4739d0d5b78a3dfcd45cdf8112
6dd1778114a6daffa1f598095c11f8824cd1dcf66012727ad6b94fd4548e3c51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5554
Cache-Control: max-age=152672
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Etag: "63b59343-118"
Expires: Fri, 06 Jan 2023 16:27:32 GMT
Last-Modified: Wed, 04 Jan 2023 14:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

push.services.mozilla.com/

54.148.70.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.70.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8C3eyMHwenJJmgb4cYPqHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3hYyx2M3k9oWByX3MDjZJRTNXgw=

cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js

151.101.129.229

200 OK

38 kB

URL HTTP/2
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38325 bytes)
Hash
0880c171f6c1061e1a2de7c892645c86
39b9c3eedf84507430791a2f17e03a4bc4b891be
e02180112a0dee98478682fa68ebef088ef1ca2cd3052ca783212478833151a3

HTTP Headers

GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 04 Jan 2023 22:03:00 GMT
age: 5586344
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1656-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38325
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.7 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.7 kB (1651 bytes)
Hash
30583152fac958e84b31b8972dba747f
f1e1cbce1eccd9af04d86d61f8f5bcd6b651bedb
a46c596a207bc1629a7f0fb401439360301d81bbc3f42c34b58d2819a49b1096

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 22:03:00 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6B4653D99CF1655498F2D1AED56F0B27634D560B"
Expires: Thu, 05 Jan 2023 09:00:00 GMT
Last-Modified: Wed, 04 Jan 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2362
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784742fe1f5cb4e8-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

6.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
6.4 kB (6390 bytes)
Hash
0a0266120add51086cec17a1f8978409
02c6e39a31f41f104b0e11fdc7daa00ab23f21ea
6680c7fa9b1e92b25902ed6030eeca6312f8afebec87bbfa93ce33086324c817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

53 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
53 kB (52767 bytes)
Hash
d273b8b8b9bc0e4aec32c0ecc3245850
dc24307d97be76ec1e2227995a9d9205be563067
29fd4d76093094f02b173c9946b0b9a2b965b8019abd96ef7b5b7f80c6aa97ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext

142.250.74.74

200 OK

52 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
52 kB (51602 bytes)
Hash
d641fed4ce6ecacb97c579d25b89558f
c5dca2fc5da74b30d94cb3e90a3b04a982c2295f
9745c9b60f7ffd4ffe5de11ee51a3ecc65021efcf70a6ee2e0e1b4b24c55c88e

HTTP Headers

GET /css?family=Montserrat:400,500,600,700,800,900&amp;subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 22:03:00 GMT
date: Wed, 04 Jan 2023 22:03:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Pacifico&display=swap

142.250.74.74

200 OK

94 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Pacifico&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
94 kB (93690 bytes)
Hash
ef42eda27d4d056bbf76475f819790f8
d6040af58e22e3d791b548c0b296fb052864c831
767c9f6a9cf189b20d27ffab79d6449dc63c7a0c8b58cf5fe7add19190d8e292

HTTP Headers

GET /css2?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 22:03:00 GMT
date: Wed, 04 Jan 2023 22:03:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MCXZLND

172.217.21.168

200 OK

71 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (10683)
Size
71 kB (71126 bytes)
Hash
d20ba395e50c1136b18e32896d0c0275
ba86805f06196d43091d98863f23051c2ef0ab02
9bca550b9d8847082a0986a797e374dcc6ccb07a1017f30f9929106245e9fc4c

HTTP Headers

GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 22:03:01 GMT
expires: Wed, 04 Jan 2023 22:03:01 GMT
cache-control: private, max-age=900
last-modified: Wed, 04 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71126
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1672737240953

34.120.135.117

200 OK

114 kB

URL HTTP/2
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1672737240953
IP
34.120.135.117:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (64976)
Size
114 kB (114295 bytes)
Hash
845a17d89140d3a3f5c618d3ac4fd02d
0a1e7b9f5dcc0426affd02e38696e232c14fe3f9
cb2e5cdda2c9402bc52d63044e286abe925cd5d1de7121ef8621cf503a3e75a5

HTTP Headers

GET /altenarWSDK.js?build=1672737240953 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtaXWXJczEtwusJeamaKE88p5VAFOvLZQLzrygi4A2iwUvYAkum3JDkzW22gr1pF4h2fALGp_cbp7pVDAzeQzdy
x-goog-generation: 1672123526502985
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 114295
x-goog-meta-goog-reserved-file-mtime: 1672123508
content-encoding: gzip
x-goog-hash: crc32c=SKtaIQ==, md5=hFoX2JFA06P1xhjTrE/QLQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 114295
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 04 Jan 2023 22:03:01 GMT
expires: Wed, 04 Jan 2023 22:03:01 GMT
cache-control: no-cache,max-age=0
age: 0
last-modified: Tue, 27 Dec 2022 06:45:26 GMT
etag: "845a17d89140d3a3f5c618d3ac4fd02d"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 04 Jan 2023 23:30:16 GMT
Date: Wed, 04 Jan 2023 22:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 04 Jan 2023 23:30:16 GMT
Date: Wed, 04 Jan 2023 22:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 04 Jan 2023 23:30:16 GMT
Date: Wed, 04 Jan 2023 22:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Wed, 04 Jan 2023 23:30:16 GMT
Date: Wed, 04 Jan 2023 22:03:01 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20f48f0bf82a790a4257502d9e87f814
29f465ed3d1ca732eae70c5aae1a6d3321e20560
b9a503261aad67d26e4f1cc40c7c0d6119cf171146e48bf5263b049dc245d6ab

HTTP Headers

POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13546 bytes)
Hash
235b1a6e2b61b3068bf7a8e7a2607634
0df6f090574996e472064765c6f27b6b8e012414
6e6061581018dc0ec494631e7861cf2e44f82ac94d1b0056679555ff6dae5f8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13546
x-amzn-requestid: 6758cca7-bc06-43dd-8545-3e05aa760218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3p7GYjIAMFw7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd8-038317190f3df26f13c9d961;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bd9lXnkYfZ28KrtDdZfx0VFZtXhau4MXsyxh1gyirwjurN6NEQ7psQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:54:34 GMT
age: 507
etag: "0df6f090574996e472064765c6f27b6b8e012414"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
7.6 kB (7649 bytes)
Hash
24f815a42df3f5d19166e8a02973ed25
8c4b3ce40b3b84f72328a897ecc8eb94a6b5db2d
c5a8e278e02cd5424d86d071b0b7d4fc2faaa04b13bcfe3a53b4f8c90ac90ff7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7126
x-amzn-requestid: 48f19ee3-5b35-438b-b088-91297ef2c816
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMUhEG5wIAMFu5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4ce06-08436eaf7f54288c4a258770;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 00:53:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z3YUeSR6ZBHfxf2lswIkBhlBSdSuwLkDx60bSkYA2MVUqnsvUHkfkg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:08:25 GMT
age: 60876
etag: "34b2acc4195a5e36f0acbd10669219c7ef14a5fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8148 bytes)
Hash
0f7ef195ef59caf6b47f13ceae04987f
dbff30aac035b502e27a3a538dbdfd475d3fc1d4
b31c198d6b76827201a870da6f9fe9b28c2cffe0d3f7f3d8e0530223ea8fc9d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8148
x-amzn-requestid: 7712cf7e-ea08-47da-876a-ba70c723b68b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33cHXsIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3c965abb517a33ce31cbdf4c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uewfbP4HGaxKGJvwzflOdcSEMBOoZGcED7HAVL1ohRso3plRPSJjjg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:50:18 GMT
age: 763
etag: "dbff30aac035b502e27a3a538dbdfd475d3fc1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8307 bytes)
Hash
c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 37c27710-0d63-49f5-b929-87fa6fc9d654
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eKbG0GL1oAMFZCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b40bc5-2a3a53235b7c4f9c21dcb51e;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 11:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SEpv7jTgKBOEfRLOfLuDOmiadNqYRsIFfVthmVndwcA55BGXLYTV5Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:33:07 GMT
age: 66594
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1672737240953

104.22.9.90

200 OK

9.2 kB

URL HTTP/2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1672737240953
IP
104.22.9.90:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
9.2 kB (9234 bytes)
Hash
2ff5e5d5e50822517437bddd4d791e40
b6292ee54ac7846969da658951dcd043cb8dc934
ebfb00b67f89a59690a6023bd12b8800e40f3c58a459e636bc549c92e7582766

HTTP Headers

GET /api/Integration/wazamba?build=1672737240953 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:01 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78474304fd6efac8-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://fonts.googleapis.com/
Connection: keep-alive

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 07:08:09 GMT
expires: Sat, 30 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 485692
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv

216.58.207.228

200 OK

583 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
583 B (583 bytes)
Hash
dffa4cd32dff0a7f6d9f30e6aff1162a
40d06bc27f3c15a8e1ba50e59859cbb7f22a7795
e5336a1644148eb438c7c45abd4d7f41613f770989b0729ecf625a38f6942718

HTTP Headers

GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
expires: Wed, 04 Jan 2023 22:03:01 GMT
date: Wed, 04 Jan 2023 22:03:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

6.9 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
6.9 kB (6899 bytes)
Hash
b45eda14f9c82cd05ea94cf7fe11a206
cef98f8cf3875848380ddf7a226f5015b657a775
6705d7bf38ffdb31c26a8cd679588ba384ab80e8fc5aea41413cc1797de94b97

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

faf4c79a-ee58-4629-85e8-c0f96ed9fa7d.seondnsresolve.com/

143.204.55.56

200 OK

633 B

URL HTTP/2
faf4c79a-ee58-4629-85e8-c0f96ed9fa7d.seondnsresolve.com/
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Size
633 B (633 bytes)
Hash
ac01dee49ec1d7c5f5fe5ccfd5735167
8a0fb13be98287996e03f42214820a9432f974a4
b70a45a7ffa0efc5fc8169953d0f0d637d7aa49747c0bb850b64210d18d476c0

HTTP Headers

POST / HTTP/1.1
Host: faf4c79a-ee58-4629-85e8-c0f96ed9fa7d.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Wed, 04 Jan 2023 22:03:02 GMT
x-amzn-requestid: 69c84a0a-81b5-49b4-a19f-2d3a52694868
access-control-allow-origin: *
x-amz-apigw-id: ePOfkHQCjoEFZSA=
x-amzn-trace-id: Root=1-63b5f796-7000272d47447fe44aa8905b;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gb0-AOFdTjFUWUS5VI-fFhppNXakfm2A2fQTW32IDascjRiOItCcMA==
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js

54.230.245.231

200 OK

49 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
IP
54.230.245.231:0
ASN
#16509 AMAZON-02

File type
data
Size
49 kB (48665 bytes)
Hash
ac2c73a4adacbd29981ef93c873a78e3
cc386a1f417f479f4fe63da925fda133b9a15bb8
de5e7a7a3e533d3d33665a7d92520306df1f144acfe6741117e9c827242f3997

HTTP Headers

GET /webpush/1/webpush.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 38381
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 04 Jan 2023 20:26:08 GMT
ETag: "7f4d3e7149cec9d4cef65539f7c767f3"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: clsk6zPQ0Uzl1PaQLXAJo9eHuLz_aznZNIAXlCj6SMIclT3GG895Iw==
Age: 5815

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css

54.230.245.231

200 OK

19 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
IP
54.230.245.231:0
ASN
#16509 AMAZON-02

File type
data
Size
19 kB (18562 bytes)
Hash
7149c42359776d44aa51a189463731c2
b741614a890f0aae36a9a2b471ce5bb44b2f04f3
7b5e7f1b57ef767c972650c5e12dd010b4ebef166b75f2f4ca3ba8d4a2078875

HTTP Headers

GET /webpush/1/webpush.css HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 16571
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 04 Jan 2023 10:59:13 GMT
ETag: "14e2bc37863315233df178043f69a7c6"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uuzRjSGe4D0PWBuUtzMoXKAdx-TlMv1dPoAo9Q61kr8981_hS2nZjw==
Age: 39830

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5b242a40836c36d69bdbb701f10a29a8
4cd6b65adca7e693565a00c3c96c1aa216f64a43
2a6bf956d4d46d4e993c6de713d4b74de8963132e316727ef060a559f792b26e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:02 GMT
Last-Modified: Wed, 04 Jan 2023 21:19:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage

104.85.191.64

200 OK

27 kB

URL HTTP/2
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
data
Size
27 kB (26892 bytes)
Hash
dbf39b8ac032f4162f4607d983657c2f
629d48bb67fc2e0ff3ec6aad2304da0eddcb3309
35ea1b732f4677a2d4e9f3796494ec08606f9673042d09728cf1a0e582911f92

HTTP Headers

GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16608
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
cache-control: must-revalidate, max-age=241
expires: Wed, 04 Jan 2023 22:07:03 GMT
date: Wed, 04 Jan 2023 22:03:02 GMT
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (20190 bytes)
Hash
69d0b95cadd8d8e2f6f37c55d257503c
2dd10a6ff334ed4fe9b12f9cf5d647e33dbc0b07
37d192c7b44de2f82900c8f9ca3f905f083bb499bc341c164f238389a22b5139

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 21:34:02 GMT
expires: Wed, 04 Jan 2023 23:34:02 GMT
cache-control: public, max-age=7200
age: 1740
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

37.157.6.246

200 OK

3.1 kB

URL HTTP/2
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP
37.157.6.246:0
ASN
#198622 Adform A/S

File type
data
Size
3.1 kB (3054 bytes)
Hash
9980b8402faa9d78a0cf0b01655d283c
4a1f0e25ad0324a8f79b782cb3cd583748fbc87b
d3e702785367723a691933a7d349f1f4139247d707db619a14888f4af9509002

HTTP Headers

GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 22:03:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

30 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
30 kB (29824 bytes)
Hash
c3d9baf079590c31ba88c55c0db23874
8ba2b1a0eef3ab7ac09a195b9521de8750a5702f
ab449464d6de6f99a66222e5fec394dc287adaa7ffe9f27232d7b705400473e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 855
Cache-Control: max-age=144722
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Etag: "63b58692-118"
Expires: Fri, 06 Jan 2023 14:15:05 GMT
Last-Modified: Wed, 04 Jan 2023 14:00:50 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
18d87eae0f6a96d5f701448754b1e6b6
672a39df5e3711d8ae5bebdfb493121e0693f63d
cae29249a075b9935113bac73da5fe6d2b1d1b7599b291b86424056250588681

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4627
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Etag: "63b58692-118"
Last-Modified: Wed, 04 Jan 2023 20:45:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

1.6 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
Applesoft BASIC program data, first line number 91\012- data
Size
1.6 kB (1552 bytes)
Hash
7852555dba78a120fdca8d3b1c618d34
cddc6ae5b89319abf875c8dd65f18f10d6764fab
1b9b79e35766af95572ac1eb7fe842d6207a424bdb1a23d1060cd8fc469d035e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 856
Cache-Control: max-age=144722
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Etag: "63b58692-118"
Expires: Fri, 06 Jan 2023 14:15:05 GMT
Last-Modified: Wed, 04 Jan 2023 14:00:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11

104.18.70.113

200 OK

7.2 kB

URL HTTP/2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (23416), with no line terminators
Size
7.2 kB (7246 bytes)
Hash
f35198556f0a876c2e0489950878b06b
b909d1d5c567d17febf3e5e3121ead39be057062
e51c07fef76a59a439502e4c1324902fdd878e9f5ea79557795d8490c3f225f6

HTTP Headers

GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:02 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 26
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw9ERoh1Iv4NBPcERmR01G8OPRuz8pVpB6DTW%2BagZu1gsGPE7%2F%2BU3ZMVNUkPkJS4eQ%2FsLSfrzfNJeBGzCgkOF2XKg2btYE%2BCCjHjBA%2FOYTswX9NAtyCd2gIui1b0Lx8DL%2BQ1T7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7847430d38e6b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png

104.16.152.45

200 OK

28 kB

URL HTTP/2
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
28 kB (28536 bytes)
Hash
caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35

HTTP Headers

GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Wed, 04 Jan 2023 20:53:05 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 200626
accept-ranges: bytes
server: cloudflare
cf-ray: 7847430fecd10b4d-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
18d87eae0f6a96d5f701448754b1e6b6
672a39df5e3711d8ae5bebdfb493121e0693f63d
cae29249a075b9935113bac73da5fe6d2b1d1b7599b291b86424056250588681

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 415
Cache-Control: max-age=144282
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Etag: "63b58692-118"
Expires: Fri, 06 Jan 2023 14:07:45 GMT
Last-Modified: Wed, 04 Jan 2023 14:00:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
18d87eae0f6a96d5f701448754b1e6b6
672a39df5e3711d8ae5bebdfb493121e0693f63d
cae29249a075b9935113bac73da5fe6d2b1d1b7599b291b86424056250588681

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5998
Cache-Control: max-age=149865
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Etag: "63b58692-118"
Expires: Fri, 06 Jan 2023 15:40:48 GMT
Last-Modified: Wed, 04 Jan 2023 14:00:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png

104.16.152.45

200 OK

34 kB

URL HTTP/2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
34 kB (33602 bytes)
Hash
db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d

HTTP Headers

GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Wed, 04 Jan 2023 20:18:27 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 200626
accept-ranges: bytes
server: cloudflare
cf-ray: 7847430ffce40b4d-OSL
X-Firefox-Spdy: h2

joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg

104.16.152.45

200 OK

125 kB

URL HTTP/2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
125 kB (124920 bytes)
Hash
6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3

HTTP Headers

GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 29 Dec 2022 18:35:52 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 1645795
accept-ranges: bytes
server: cloudflare
cf-ray: 784743100cee0b4d-OSL
X-Firefox-Spdy: h2

joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg

104.16.152.45

200 OK

150 kB

URL HTTP/2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size
150 kB (150149 bytes)
Hash
1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a

HTTP Headers

GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 366622
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743101cfb0b4d-OSL
X-Firefox-Spdy: h2

joxi.imgsrcdata.com/crab/startscreen/promo-text.png

104.16.152.45

200 OK

21 kB

URL HTTP/2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
21 kB (21081 bytes)
Hash
c221ef85ff737e70bcf29f2a9ab92001
2dc3b67767ec53504599e3f3467a25e8eb06b58c
abe21006bf4d8547f0427089cd8d605d57c452da6e33d0aeed21a92f40cf31f8

HTTP Headers

GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Tue, 10 Jan 2023 05:14:35 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 200626
accept-ranges: bytes
server: cloudflare
cf-ray: 784743101cfe0b4d-OSL
X-Firefox-Spdy: h2

script.hotjar.com/modules.352fddba5b21bbfc3a08.js

143.204.55.96

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48638)
Size
69 kB (68894 bytes)
Hash
3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf

HTTP Headers

GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TuSu3xebgTvFC9vgXSLlxmCqUVHR4wkve1qnrIt147YXWwo4Ar2qjg==
age: 1173358
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK&gtm=2oebu0&_p=1385990742&_gaz=1&cid=410186603.1672869569&ul=en-us&sr=1280x1024&_s=1&sid=1672869569&sct=1&seg=1&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_7308AE6F482A47EAB48850B80275DB34%26clickid%3Dwaor4r4i2dactull2ekt3bdc%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&up.Acc_Id=Not%20Login

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK&gtm=2oebu0&_p=1385990742&_gaz=1&cid=410186603.1672869569&ul=en-us&sr=1280x1024&_s=1&sid=1672869569&sct=1&seg=1&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_7308AE6F482A47EAB48850B80275DB34%26clickid%3Dwaor4r4i2dactull2ekt3bdc%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&up.Acc_Id=Not%20Login
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-F5V35L3FQK&gtm=2oebu0&_p=1385990742&_gaz=1&cid=410186603.1672869569&ul=en-us&sr=1280x1024&_s=1&sid=1672869569&sct=1&seg=1&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_7308AE6F482A47EAB48850B80275DB34%26clickid%3Dwaor4r4i2dactull2ekt3bdc%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Wed, 04 Jan 2023 22:03:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

secure.adnxs.com/seg?add=31078906&t=2

185.83.142.19

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=31078906&t=2
IP
185.83.142.19:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 22:03:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: a8d0e8a4-dd44-4ecb-a58d-852a3a031c57
Set-Cookie: uuid2=2126185064057140197; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2

185.83.142.19

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP
185.83.142.19:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 22:03:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 397c7e92-12e4-4a62-867d-47febfba43fc
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVHm^U'o!]tbP6j2F-XstGt!@D]p$j3o:; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
62d0ac5f02419d294f88376eea5a9b83
123e27572b1066251f8b2074796ad6bfd63f634f
728d60aa82584f04f0913a205168d89dba43cfc95014c01c630808644d763b3b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136819
Date: Wed, 04 Jan 2023 22:03:04 GMT
Etag: "63b56210-1d7"
Expires: Fri, 06 Jan 2023 12:03:23 GMT
Last-Modified: Wed, 04 Jan 2023 11:25:04 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9W0ZgNP_01lXewTYGZT2XWF6esP_7RdCU02G9VzgwYC9ASo3rQ4sqg==
Age: 2299

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b46060cb5c5d2269611888c255476fa6
fc0306421d5dd073b165a248714c9547e63f22d0
c6a6daff2a10f37cbd4496deedf734e9c0c4bd0d01512ec6bbb08166400245a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87728
Date: Wed, 04 Jan 2023 22:03:04 GMT
Etag: "63b49a69-1d7"
Expires: Thu, 05 Jan 2023 22:25:12 GMT
Last-Modified: Tue, 03 Jan 2023 21:13:13 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e2yqy4iecW3RCvBDQTKylL3rv_ln7FkR_OvmXh_FaLijskjwCpTkZg==
Age: 4319

logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger

54.236.68.122

200 OK

19 B

URL HTTP/1.1
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP
54.236.68.122:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

HTTP Headers

POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://wazamba.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 22:03:04 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP

pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

2.18.172.207

200 OK

1.5 kB

URL HTTP/1.1
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP
2.18.172.207:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.5 kB (1493 bytes)
Hash
5a60620cf777f8aedb92adbfe7f052b8
b323c6138e81239e74b9586a978598f3c8a13a18
e9ac0233c48a17fc75659f04dde3687825ac06bd2d8967193e798e024f59fba4

HTTP Headers

GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 04 Jan 2023 22:03:03 GMT
Date: Wed, 04 Jan 2023 22:03:04 GMT
Connection: keep-alive
Set-Cookie: uuid=d93e63b5-f798-4100-bd99-49e741399f4e; domain=.mathtag.com; path=/; expires=Thu, 01-Feb-2024 22:03:04 GMT; SameSite=None; Secure

segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=

52.215.107.176

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP
52.215.107.176:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 303 See Other
Date: Wed, 04 Jan 2023 22:03:04 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Wed, 04 Jan 2023 22:13:04 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ca462caeebdf1d4dcc73b558359d64cb
e6deb70d265ee58d2a526e3c11c2daff3bb326a3
f2f7a9373c1910b585a51e53a20187d63a4d6953ab0bc45224778c3e14c4bbfd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 881
Cache-Control: max-age=86440
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:04 GMT
Etag: "63b4a2cf-1d7"
Expires: Thu, 05 Jan 2023 22:03:44 GMT
Last-Modified: Tue, 03 Jan 2023 21:49:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

pixel.mathtag.com/sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag

2.18.172.207

200 OK

713 B

URL HTTP/1.1
pixel.mathtag.com/sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag
IP
2.18.172.207:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text
Size
713 B (713 bytes)
Hash
f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

HTTP Headers

GET /sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x10 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 04 Jan 2023 22:03:03 GMT
Date: Wed, 04 Jan 2023 22:03:04 GMT
Connection: keep-alive

zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb

104.85.191.64

200 OK

20 B

URL HTTP/2
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
data
Size
20 B (20 bytes)
Hash
163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83

HTTP Headers

POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43
Origin: https://wazamba.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 3
expires: Wed, 04 Jan 2023 22:03:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 04 Jan 2023 22:03:04 GMT
content-length: 20
set-cookie: CxtId=489e3c79-513d-433c-89a2-792b82b7b0e2; Domain=.connextra.com; Expires=Fri, 03-Jan-2025 22:03:04 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202301042203; Domain=.connextra.com; Expires=Thu, 04-Jan-2024 22:03:04 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1

52.215.107.176

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP
52.215.107.176:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Wed, 04 Jan 2023 22:03:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

match.prod.bidr.io/cookie-sync/geniussports

54.76.69.248

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/geniussports
IP
54.76.69.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 303 See Other
Date: Wed, 04 Jan 2023 22:03:04 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Wed, 04 Jan 2023 22:13:04 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D

185.29.132.241

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP
185.29.132.241:0
ASN
#30419 MEDIAMATH-INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/1.1 302 Moved Temporarily
Date: Wed, 04 Jan 2023 22:03:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master zrh-pixel-x9 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=733063b5-f799-4500-8402-be59ce0db5eb; domain=.mathtag.com; path=/; expires=Thu, 01-Feb-2024 22:03:05 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/733063b5-f799-4500-8402-be59ce0db5eb
Expires: Wed, 04 Jan 2023 22:03:03 GMT

pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0

2.18.172.207

200 OK

0 B

URL HTTP/1.1
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
2.18.172.207:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=d93e63b5-f798-4100-bd99-49e741399f4e&no_iframe=1&mt_adid=256810&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 04 Jan 2023 22:03:03 GMT
Date: Wed, 04 Jan 2023 22:03:04 GMT
Connection: keep-alive
Set-Cookie: uuid=a40463b5-f798-4a00-8cc9-60d3576dbac5; domain=.mathtag.com; path=/; expires=Thu, 01-Feb-2024 22:03:04 GMT; SameSite=None; Secure

zz.connextra.com/sync/data/uid/6c883bd680/733063b5-f799-4500-8402-be59ce0db5eb

104.85.191.64

200 OK

64 B

URL HTTP/2
zz.connextra.com/sync/data/uid/6c883bd680/733063b5-f799-4500-8402-be59ce0db5eb
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02

HTTP Headers

GET /sync/data/uid/6c883bd680/733063b5-f799-4500-8402-be59ce0db5eb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Wed, 04 Jan 2023 22:03:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 04 Jan 2023 22:03:04 GMT
content-length: 64
set-cookie: CxtId=1f3ec195-feb6-4b65-bb2d-4eab1f0313a0; Domain=.connextra.com; Expires=Thu, 04-Jan-2024 22:03:04 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C733063b5-f799-4500-8402-be59ce0db5eb; Domain=.connextra.com; Expires=Thu, 04-Jan-2024 22:03:04 GMT; Path=/; Secure
X-Firefox-Spdy: h2

b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png

54.230.111.75

200 OK

3.0 kB

URL HTTP/2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
data
Size
3.0 kB (2960 bytes)
Hash
fdf6c2f8a13c0fbd9643f57d0de317eb
5db324d98975c681d31380775e62a852650459e8
7e618295947b322497f60a95cbfcb05eda36d7dfabb6c7866b06ee8138769422

HTTP Headers

GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 68
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Dec 2022 13:28:29 GMT
cache-control: no-cache, no-store, must-revalidate
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 68LQE8FRFzPbadU-YpEjVMLlfFDmoA9qOnEEBKtCuSGl_GuL2hqz6Q==
age: 2111937
X-Firefox-Spdy: h2

b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js

54.230.111.75

200 OK

1.3 kB

URL HTTP/2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3189), with no line terminators
Size
1.3 kB (1290 bytes)
Hash
b8f917a004c831767d84bedb9e24def7
9fd9888a05e1162faca1d92ea7801e5a22cf7dc7
5df31bac48c2256b740bf2f5939fb13b2eb9b17a5fd3de6db9929e68385e46f7

HTTP Headers

GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Wed, 04 Jan 2023 22:03:04 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c75-rNWnN2aiRmlW234607IXoYCWvyY"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7847431828409b25-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mcw0p_xv2RnKKtYutZhyvnuf5Sup38Tn7zRKfmRsyvP-SqGzkxNsHQ==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4d4f745d7f3589232b26b0d37ebe18ed
21e91788c1ec56e99a60d9f14d76d19b3e6fd930
99f6d18441212d007b1c00e5b6218aba7d9917ec3375b944d950738b19c2583b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:04 GMT
Etag: "63b51062-117"
Server: ECS (amb/6BB3)
Content-Length: 279

b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/0415301964131227b7621d5e1a81d112-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid

54.230.111.75

200 OK

46 kB

URL HTTP/2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/0415301964131227b7621d5e1a81d112-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46382 bytes)
Hash
375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281

HTTP Headers

GET /sealassets/0415301964131227b7621d5e1a81d112-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Wed, 04 Jan 2023 22:03:04 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78474318ffa02bb9-FRA
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KEEHfMcTerbJyeYiuFwAnINu4JsYL5xixelQJ4z04SRAKqDja1VLWw==
X-Firefox-Spdy: h2

match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1

54.76.69.248

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP
54.76.69.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Wed, 04 Jan 2023 22:03:04 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OL-pmMf&sid=_Zcspo0snrFB_a-RABcd

45.8.107.169

200 OK

4 B

URL HTTP/2
wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OL-pmMf&sid=_Zcspo0snrFB_a-RABcd
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
85c290f7c627550a8f66ca8eb1391a5d
7b957d0ead4608886f6731ee82f16e5a80b5e85f
3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33

HTTP Headers

GET /socket/?lang=no&EIO=3&transport=polling&t=OL-pmMf&sid=_Zcspo0snrFB_a-RABcd HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
Connection: keep-alive
Cookie: data=dac2aa69869ec3bbaaab27c7028edd82; _ga_F5V35L3FQK=GS1.1.1672869569.1.1.1672869773.60.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC; _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; _gat_UA-131568742-1=1; _hjIncludedInSessionSample=0; io=_Zcspo0snrFB_a-RABcd
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 4
access-control-allow-origin: *
set-cookie: io=_Zcspo0snrFB_a-RABcd; Path=/; HttpOnly
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 784743197ec8b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

zz.connextra.com/sync/data/uid/508a5e2dd5/

104.85.191.64

200 OK

64 B

URL HTTP/2
zz.connextra.com/sync/data/uid/508a5e2dd5/
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02

HTTP Headers

GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Wed, 04 Jan 2023 22:03:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 04 Jan 2023 22:03:04 GMT
content-length: 64
set-cookie: CxtId=9118fe20-d1af-46f7-90a9-0b06d7e5a433; Domain=.connextra.com; Expires=Thu, 04-Jan-2024 22:03:04 GMT; Path=/; Secure
X-Firefox-Spdy: h2

wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=_Zcspo0snrFB_a-RABcd

45.8.107.169

101 Switching Protocols

5.7 kB

URL HTTP/1.1
wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=_Zcspo0snrFB_a-RABcd
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
5.7 kB (5679 bytes)
Hash
cfc2bdb3a51f7df9d88cc4ed0acee7cb
314b01e46e1e941d6820cc132b5c59d32562213d
2b4d9876b96d1bc5305a02ae6e744705772db60e056cd4a39039b7453e0593cf

HTTP Headers

GET /socket/?lang=no&EIO=3&transport=websocket&sid=_Zcspo0snrFB_a-RABcd HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TyOc7d9vqmwRAIKd1IY0Sw==
Connection: keep-alive, Upgrade
Cookie: data=dac2aa69869ec3bbaaab27c7028edd82; _ga_F5V35L3FQK=GS1.1.1672869569.1.1.1672869773.60.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC; _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; _gat_UA-131568742-1=1; _hjIncludedInSessionSample=0; io=_Zcspo0snrFB_a-RABcd
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 04 Jan 2023 22:03:04 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C292l+Im8EB3kHRTzIVtv21vmrI=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784743198ddab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OL-pmNo&sid=_Zcspo0snrFB_a-RABcd

45.8.107.169

200 OK

3 B

URL HTTP/2
wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OL-pmNo&sid=_Zcspo0snrFB_a-RABcd
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

HTTP Headers

GET /socket/?lang=no&EIO=3&transport=polling&t=OL-pmNo&sid=_Zcspo0snrFB_a-RABcd HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
Connection: keep-alive
Cookie: data=dac2aa69869ec3bbaaab27c7028edd82; _ga_F5V35L3FQK=GS1.1.1672869569.1.1.1672869773.60.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC; _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; _gat_UA-131568742-1=1; _hjIncludedInSessionSample=0; io=_Zcspo0snrFB_a-RABcd
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 3
access-control-allow-origin: *
set-cookie: io=_Zcspo0snrFB_a-RABcd; Path=/; HttpOnly
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78474319ef38b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

516 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
516 B (516 bytes)
Hash
b8b421ee6e8f8b39db71ff3f03a5ac1d
0255fb6853600ff79e02e02ea7d5bde1f8362a06
54bb91cabbbe73466273bf77a231c1ec31cc90ce7b0c138ad86fd73e7b12eed5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158127
Date: Wed, 04 Jan 2023 22:03:05 GMT
Etag: "63b5b51d-1d7"
Expires: Fri, 06 Jan 2023 17:58:32 GMT
Last-Modified: Wed, 04 Jan 2023 17:19:25 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WA6UvYZdtmtDx8SNj_R9dotV1QIdS2w3b91OvxvcFBO-3VgJpraigA==
Age: 2347

wazamba.zendesk.com/embeddable/config

104.16.51.111

200 OK

204 kB

URL HTTP/2
wazamba.zendesk.com/embeddable/config
IP
104.16.51.111:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (716), with no line terminators
Size
204 kB (203741 bytes)
Hash
3a5eaf3645b47be7908393699901fd8d
876b6c5cb1470dba76ff81a6872148b282eb8c0e
8fc2bf5a7b8102d7d2a22d594cfc83e86fea955301c4eb49db72ac75bc38dfbf

HTTP Headers

GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:04 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-66f968b655-8hzjr
x-request-id: 7846f7426d58b4fd-ARN
x-runtime: 0.001454
vary: Origin, Accept-Encoding
x-cached: STALE
last-modified: Wed, 04 Jan 2023 21:59:44 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teJic2cFyKfmdpu%2B6ATrdc9aPQZ1xL0dQnmNaHdv0dd2%2F5eCiP9ebmhjWuUoelGYynh0f9HQqNUpGL0%2Bk4TDhQkCo6BW8Lydq0TX2wGpwcxxqka4i8PnOrlEBoG4is3rMBgYHm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=a30251400bd47b7ef3a1f7006f280a6e8057e5dc-1672869784; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 784743190b35b521-OSL
content-encoding: br
X-Firefox-Spdy: h2

wazamba.com/base_sw.js

45.8.107.169

200 OK

20 kB

URL HTTP/2
wazamba.com/base_sw.js
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type
ASCII text, with no line terminators
Size
20 kB (19886 bytes)
Hash
c0aa40de27d1dc4d4460f22f81508147
fc1ec4de1bee4206f367694e9942425bf1fe218c
4fa2e1cdfc362a54f99495b37ddc478d7e6610af9c2ae7b103e8b3e9553c67f7

HTTP Headers

GET /base_sw.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: data=dac2aa69869ec3bbaaab27c7028edd82; _ga_F5V35L3FQK=GS1.1.1672869569.1.1.1672869773.60.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC; _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; _gat_UA-131568742-1=1; _hjIncludedInSessionSample=0; io=_Zcspo0snrFB_a-RABcd
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 03 Jan 2023 11:23:55 GMT
If-None-Match: W/"63b4104b-33"
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:06 GMT
content-type: application/javascript
cf-ray: 784743231a69b4f1-OSL
access-control-allow-origin: *
age: 6
etag: W/"63b4104b-33"
last-modified: Tue, 03 Jan 2023 11:23:55 GMT
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Wed Jan 04 2023 22:03:00 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1672869840754
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rec.smartlook.com/recorder.js

185.76.9.24

200 OK

0 B

URL HTTP/2
rec.smartlook.com/recorder.js
IP
185.76.9.24:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:01 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63b43f19-c4a"
last-modified: Tue, 03 Jan 2023 14:43:37 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1672870091
server: CDN77-Turbo
x-77-nzt: AblMCRT4/cP/IgEAAA
x-77-nzt-ray: af585630a8d1c5ad95f7b56343664e1d
x-cache: HIT
x-age: 290
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:wght@800&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 22:03:00 GMT
date: Wed, 04 Jan 2023 22:03:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg

104.16.152.45

200 OK

0 B

URL HTTP/2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP
104.16.152.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:03 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 112537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7847430ffcd50b4d-OSL
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: flXT3MjZXq9WFSWpPRs+IiSkjkX3+v9E8zHvt24+o/uXfRysJbOibD4IZBfnohBYxkCwc++Rpqo=
x-amz-request-id: F6CCGSFWY28CB4TK
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:41:53 GMT
etag: W/"34fbbf22dcbdf81917dd5b3e02a125e4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:41:52 GMT
x-amz-version-id: BijG1SZtZft6iu4XfUmwnaVs.g5q2jvS
cf-cache-status: HIT
age: 1709879
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFFKVVwLXkM6gO3Tr8wlWhTSuDASTZHu5%2FUyU1yOlwC1eJMzxW8Pbc8T46CI%2BoVrJDU%2BZl5Sx%2FvJikf8HMFg0%2Bgk8Vb2vcFvI6N5SI%2Fq14gWo%2B9JBohaz8v0iyqaldzaj60oEqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78474316ebbab52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/classic/web-widget-5324-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: N5dT9JXWrJ6LHekTKf/mWyeV2xtYk6b8CIDMtPXNt5c/QUaa5FjHdkI91n1OR77lZMScW8RD3DY=
x-amz-request-id: F6C5FH3WES4KVVKJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"c296a94da281fc44d57ec8f4e4cfb0fa"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
cf-cache-status: HIT
age: 1709878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qHIG7VcOWJC4HZ1WQsknmlVXKh5iAKJiOmTMnr%2Bs%2FRneqmi2SygO7RnGUHgWel0MY0Y9xWXetI15Q%2BjAMXzZBHtGuF%2Fl4AZ0uXwECx%2BC%2FDnEdd0rrLcwCXJQnrobbn2WEmw5hw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7847431adfa8b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

wazamba.com/base_sw.js

45.8.107.169

200 OK

0 B

URL HTTP/2
wazamba.com/base_sw.js
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /base_sw.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: data=dac2aa69869ec3bbaaab27c7028edd82; _ga_F5V35L3FQK=GS1.1.1672869569.1.1.1672869773.60.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC; _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; _gat_UA-131568742-1=1; _hjIncludedInSessionSample=0; io=_Zcspo0snrFB_a-RABcd
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 03 Jan 2023 11:23:55 GMT
If-None-Match: W/"63b4104b-33"
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:05 GMT
content-type: application/javascript
cf-ray: 7847431c69b9b4f1-OSL
access-control-allow-origin: *
age: 5
etag: W/"63b4104b-33"
last-modified: Tue, 03 Jan 2023 11:23:55 GMT
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Wed Jan 04 2023 22:03:00 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1672869840754
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

rec.smartlook.com/es6/init.bafede3143fc1e311f15.js

185.76.9.24

200 OK

0 B

URL HTTP/2
rec.smartlook.com/es6/init.bafede3143fc1e311f15.js
IP
185.76.9.24:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /es6/init.bafede3143fc1e311f15.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:01 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63b43f19-d87d"
last-modified: Tue, 03 Jan 2023 14:43:37 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1704352597
server: CDN77-Turbo
x-77-nzt: AblMCRTwpMf/wM8AAA
x-77-nzt-ray: af58563012c5d9af95f7b56332a65e2a
x-cache: HIT
x-age: 53184
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 22:03:01 GMT
date: Wed, 04 Jan 2023 22:03:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2021928.js?sv=6

54.230.111.39

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-2021928.js?sv=6
IP
54.230.111.39:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://wazamba.com/
Connection: keep-alive

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 22:02:29 GMT
cache-control: max-age=60
etag: W/9844a72e26e1589e217cd80842a09b5a
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YXMrodyGkfZW6vxbnn8ZEGGq6PeeKxdvJU-Tyu65tVhet88O7oZHrA==
age: 33
X-Firefox-Spdy: h2

wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131

45.8.107.169

200 OK

0 B

URL HTTP/2
wazamba.com/no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131
IP
45.8.107.169:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/seasons/christmas?btag=658915_7308AE6F482A47EAB48850B80275DB34&clickid=waor4r4i2dactull2ekt3bdc&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Connection: keep-alive
Cookie: _ga_F5V35L3FQK=GS1.1.1672869569.1.0.1672869577.52.0.0; _ga=GA1.2.410186603.1672869569; _gid=GA1.2.1113096926.1672869570; _hjSessionUser_2021928=eyJpZCI6IjJlNGU1NTUxLWMyNTEtNTU4MC1iNGFmLThkZTIzMmFlMWFkYiIsImNyZWF0ZWQiOjE2NzI4Njk1Njk2NzUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2021928=eyJpZCI6IjgzYzhmYzU1LTNhODQtNGRhOC05NDY4LWM0NmZhYmU3YjFlNCIsImNyZWF0ZWQiOjE2NzI4Njk1NzI4MzQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; __zlcmid=1DllVBCfuo619NC

HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:02:59 GMT
content-type: text/html
cf-ray: 784742fbb9a11bfa-OSL
age: 324
last-modified: Tue, 03 Jan 2023 11:23:55 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Wed Jan 04 2023 21:57:35 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1672869515712
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations