telewww.site/uz/bx/nl
79.98.28.128301 Moved Permanently 237 B IP 79.98.28.128:0
ASN #212531 UAB Interneto vizija
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ec8c1ffa587f572444ae463c0b9e4244
002d5cdb01b9a849cbe9ec1dca23310c29397631
f5ad667a5aead439c83c46829ed2ff5538eba55762841149bf2c12292d5e8972
Analyzer Verdict Alert fortinet Phishing
GET /uz/bx/nl HTTP/1.1
Host: telewww.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 22:59:48 GMT
Server: Apache
Location: http://telewww.site/uz/bx/nl/
Content-Length: 237
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12328
Expires: Sat, 10 Dec 2022 02:25:16 GMT
Date: Fri, 09 Dec 2022 22:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6243
Expires: Sat, 10 Dec 2022 00:43:51 GMT
Date: Fri, 09 Dec 2022 22:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9570
Expires: Sat, 10 Dec 2022 01:39:18 GMT
Date: Fri, 09 Dec 2022 22:59:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 22:33:14 GMT
content-type: application/json
age: 1594
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gxnegLzUnEKl6CRzWG+UNKOeY9+UudC2eUlNvDBjFammsD0/XkEtWRBak3b+kzLKbihYvZXRUjU=
x-amz-request-id: 1NZPBB4C6KGY684R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 22:50:26 GMT
age: 562
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
telewww.site/uz/bx/nl/
79.98.28.128302 Found 0 B IP 79.98.28.128:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /uz/bx/nl/ HTTP/1.1
Host: telewww.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 22:59:48 GMT
Server: Apache
Location: //ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:59:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ed_error
23.36.76.248200 OK 927 B URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ed_error
IP 23.36.76.248:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481)
Hash f6c52fbc2458a8d91b67f52b8e395718
73f790a0c3e9c303839eb6da98811ab5880227c6
499479b604f0fdfe947d9af2210524b1a0d0cc79dafc8298034f3303ce83daff
GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: bd32075361ed3a978a9ec7f094e735c1
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Fri, 09 Dec 2022 22:59:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Dec 2022 22:59:49 GMT
Content-Length: 927
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=c889e2979aaf402e95bfe036963c845a; expires=Sat, 09 Dec 2023 22:59:48 GMT; path=/
oaidts=1670626788; expires=Sat, 09 Dec 2023 22:59:48 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sat, 10 Dec 2022 01:07:25 GMT
Date: Fri, 09 Dec 2022 22:59:49 GMT
Connection: keep-alive
voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.001710&visitor_id=625216668981014636&rdk=rk1
18.193.209.105302 Found 0 B URL HTTP/2 voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.001710&visitor_id=625216668981014636&rdk=rk1
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.001710&visitor_id=625216668981014636&rdk=rk1 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 22:59:49 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w4puksk9269i2e2l2v43p880
pragma: no-cache
set-cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=Z9Dxqz8CpQH0p_mcqHCGiXcrcHVMecEfowMYEXE9o7E; Max-Age=86400; Expires=Sat, 10-Dec-2022 22:59:49 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=4xinh0LYuOTl6pOKYXkgR0SmJif0mrmWjCELocUgno09iDsrz2f6G25D7VslyRZwzYK4bcAIDuDmRE56vQpS4J3rrGHbFXAQXtXb1HtRszbZjWp36zk3xSrc0ZNPT%2Ffm2K%2BLMVSUEGiYKLCNIRXxlA%3D%3D; Max-Age=31536000; Expires=Sat, 09-Dec-2023 22:59:49 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=c889e2979aaf402e95bfe036963c845a
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=c889e2979aaf402e95bfe036963c845a
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=c889e2979aaf402e95bfe036963c845a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:59:49 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c889e2979aaf402e95bfe036963c845a; expires=Sat, 09 Dec 2023 22:59:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ak.lanopoon.net/favicon.ico
23.36.76.248204 No Content 0 B URL HTTP/1.1 ak.lanopoon.net/favicon.ico
IP 23.36.76.248:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=c889e2979aaf402e95bfe036963c845a; oaidts=1670626788
HTTP/1.1 204 No Content
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=2591982
Date: Fri, 09 Dec 2022 22:59:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 22:07:55 GMT
age: 3114
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w4puksk9269i2e2l2v43p880
95.101.10.178307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w4puksk9269i2e2l2v43p880
IP 95.101.10.178:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2052770&bid=5396&clickid=w4puksk9269i2e2l2v43p880 HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 09 Dec 2022 22:59:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 22:59:49 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670626789584)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C20221292259%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22556365741%7c1%22%7d%5d; domain=.lptrak.com; expires=Sun, 09-Dec-3021 22:59:49 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=43
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6444
Cache-Control: max-age=129270
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:49 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:54:19 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
wazamba100.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
45.8.106.138301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
IP 45.8.106.138:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 22:59:49 GMT
content-length: 0
location: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
vary: Accept-Encoding
server: cloudflare
cf-ray: 77715a7b395ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 34cd704fea5951baa50f856df046a424
4cdc1255f2cce85ef8a994dd8dabfaec6daed7b3
6500d151411d6b4c07216d1bff66a06ee45f9e1a54c35795d8e9f68fba1ab1e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129296
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:49 GMT
Etag: "639313f5-117"
Expires: Sun, 11 Dec 2022 10:54:45 GMT
Last-Modified: Fri, 09 Dec 2022 10:54:45 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LcVOIZ46wg3jWesO3jQysg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zf05FEIohQJm/arNCKYGgYj2PNk=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 34cd704fea5951baa50f856df046a424
4cdc1255f2cce85ef8a994dd8dabfaec6daed7b3
6500d151411d6b4c07216d1bff66a06ee45f9e1a54c35795d8e9f68fba1ab1e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=129296
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:49 GMT
Etag: "639313f5-117"
Expires: Sun, 11 Dec 2022 10:54:45 GMT
Last-Modified: Fri, 09 Dec 2022 10:54:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
151.101.1.229200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0880c171f6c1061e1a2de7c892645c86
39b9c3eedf84507430791a2f17e03a4bc4b891be
e02180112a0dee98478682fa68ebef088ef1ca2cd3052ca783212478833151a3
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:59:50 GMT
age: 3343354
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38325
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
IP 216.58.211.3:0
Hash 188eee831491a451f9dea465455826f1
fd130fcd12aff90deeeda995a3c25268b5356ef8
f0019bd1ffd40ad48a5af40428f0d8bfbb7e7f7a67464cb9153315dbde8ce40b
POST /s/gts1p5/CHXiRz4wi-U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash 7579d17b46e16832f63dbd6153f4a1b4
33739b8cfff3734103b4db5a9c0770da9fdb2f92
374e40fce6f02bd65bf7b928c04250fc7ae65425cf00971e16ed3759f8ea15c3
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 22:59:50 GMT
expires: Fri, 09 Dec 2022 22:59:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 93 kB IP 216.58.211.3:0
Hash 8cad2fbf2e60079e0be61e3cd87f99ba
98efccf80eb6a26e8480ceb7a3ed58b27269e216
1fe74d6e9d4710ad9e8af9a54d302ebe0e5b31e58984a91304e1e7390beae013
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.seondf.com/js/v4/agent.js
172.67.148.159200 OK 171 kB URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP 172.67.148.159:0
File type C source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 171 kB (171321 bytes)
Hash fa432e1a98e417764926f4ad276d32fa
f64ea4d395ac05e2739c42c9dddef070be94338a
58d7fb676ffb146da2000faecaf6a4f871bff0e5954eb89624ff2756f832ffdc
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:20:31 GMT
etag: W/"7e416f9feeb805e04c423899736c48e2"
cache-control: max-age=14400
x-amz-version-id: mfjcVMYC8eQg.3.C.jDktKY9HpyiJtFK
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eee6hgQ3xctrF4dTa6r4eh2gurLFeOJYCYPvF_Q4eFwSj9xFdflfXg==
cf-cache-status: HIT
age: 133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1zpUbh4Ru0shHvoHhxQt9KA2VcKLWjUgfUqNVEdjNkGV8XqqBMJi9m7M1zaVz%2FbX%2B2TggHVQbNy7swNScTfPH%2BzNELAbFWxs8t6mE9TGKGfgtu0Ls9bEiKal3t2pdSDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77715a7e281b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 59379
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/13T696CQ6pM
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/13T696CQ6pM
IP 216.58.211.3:0
Hash a14463b2517cbcc3f7d2f62c5b391737
e849df0c355798bfbe20fc678088695ef3f0738f
ea30c06bab7443f08a86342dbfd13ce84720b65efc33b6ce5ffbcf3a7e215208
POST /s/gts1d4/13T696CQ6pM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wazamba.com/joxi/js/v11.1.13/moment.js
45.8.107.169200 OK 64 kB URL HTTP/2 wazamba.com/joxi/js/v11.1.13/moment.js
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (62719), with no line terminators
Hash e8acd336a23cab5d04496bf3b318b0ab
e7b8e926a71c7e0e6d9cc106ad87215ac78600f7
e9d130cbb9601551e9d705271c08ab0f8646963fa894749df26aedecedf39c0a
GET /joxi/js/v11.1.13/moment.js HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: application/javascript
cf-ray: 77715a7d6e2d0b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"628b4a10-3c80f"
last-modified: Mon, 23 May 2022 08:47:12 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742777
x-cache-status: HIT
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1670251586870
34.120.135.117200 OK 131 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1670251586870
IP 34.120.135.117:0
File type ASCII text, with very long lines (64976)
Size 131 kB (130826 bytes)
Hash 9a067f0d78a0245c0f113e54faac822e
bbde0f6a175bd4f2e10235d41d676c5abfb03cfb
43f2061b95d6cd9102d9fa5ee34d2f284887070a400b1479c43d0d29af81f013
GET /altenarWSDK.js?build=1670251586870 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvZYi3F1cIYfg2ghkCj9WSbe-jy6QpiYLpyEQZaNr024qDrjJxKEGfckp3naGtzMmarnOa4nh7Jf2I8jWjSwuKkqqFZnBFw
x-goog-generation: 1669705358216734
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 130826
x-goog-meta-goog-reserved-file-mtime: 1669705321
content-encoding: gzip
x-goog-hash: crc32c=ySUPxQ==, md5=mgZ/DXigJFwPET5U+qyCLg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 130826
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 09 Dec 2022 22:59:50 GMT
expires: Fri, 09 Dec 2022 22:59:50 GMT
cache-control: no-cache,max-age=0
age: 0
last-modified: Tue, 29 Nov 2022 07:02:38 GMT
etag: "9a067f0d78a0245c0f113e54faac822e"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/13T696CQ6pM
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/13T696CQ6pM
IP 216.58.211.3:0
Hash a14463b2517cbcc3f7d2f62c5b391737
e849df0c355798bfbe20fc678088695ef3f0738f
ea30c06bab7443f08a86342dbfd13ce84720b65efc33b6ce5ffbcf3a7e215208
POST /s/gts1d4/13T696CQ6pM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.126.175200 OK 39 kB URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (65279)
Hash b7457e96ac1f8c18cd1dc384afac052c
c8034ecc229e2e75b656ab7769869bb1c87d6e36
5eee593913107b595a4db807b1e2b03c86664d0d6af168595d8110eb016750b6
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 16073515
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77715a7dae530b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.9f9eccdc0bb055a30c0f.js
185.76.9.15200 OK 32 kB URL HTTP/2 rec.smartlook.com/es6/init.9f9eccdc0bb055a30c0f.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
Hash 4064577852facffa8bd49682948f3d0d
ea1a61a42316ea14b7ca91fd773d8671e5698c74
cf2e30ee30ec86ca2d010ae2fd24461f5adf255dc3f9d6e3b4c7ac2766bb87a5
GET /es6/init.9f9eccdc0bb055a30c0f.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"6390556d-d4c1"
last-modified: Wed, 07 Dec 2022 08:57:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701952445
server: CDN77-Turbo
x-77-nzt: AblMCQ22Svz/qTUDAA
x-77-nzt-ray: c0a4cc28e41d8285e6bd9363cbf4df2c
x-cache: HIT
x-age: 210345
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
185.76.9.15200 OK 44 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
Hash 12e2fe2a02fc3bf6fd4938d1246d7c74
043e36e775f829366cee1f9b0ea73b7d931bfb87
87fa3e8670272fba176896dfa0f595254ebd3f05c466831b5e18d2082b7b30a9
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"6390556d-c4a"
last-modified: Wed, 07 Dec 2022 08:57:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1670626878
server: CDN77-Turbo
x-77-nzt: AblMCQ1T65z/AAIAAA
x-77-nzt-ray: c0a4cc284719bd84e6bd93639ec12927
x-cache: HIT
x-age: 512
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 901e4a8dfd258d6d6138ef1affd264c4
1123455fe989b4764779cbcfa745a37e8ab4b9d1
f97e35aca2716b33ae22ddc04af50e366865fda8e93bd12aae855b5ab2491fe4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5921
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Last-Modified: Fri, 09 Dec 2022 21:21:09 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2771)
Hash b3076ab7433f4fa9f8e717b83ba3f9b0
65acfa773288d49b160b824868a94e9b0e728386
726cc5a5bfc3d5ccde8dd2a9a7dc5059a4833c6d6980364d627f1ebac818628d
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16608
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 2
cache-control: must-revalidate, max-age=165
expires: Fri, 09 Dec 2022 23:02:35 GMT
date: Fri, 09 Dec 2022 22:59:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
wazamba.com/_sprite.css?t=1670251586870
45.8.107.169200 OK 62 kB URL HTTP/2 wazamba.com/_sprite.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash c76393609bc0427e49bdcb89d42bbc2e
7e4ba52968410c28dfe27daf08b25db0ede60c84
175f286f35d927c705d5d5103154040ed24b0baf88633108ba63dc2d0c02c331
GET /_sprite.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: text/css
cf-ray: 77715a7d6e260b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"638efcab-2a48d"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742519
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
216.58.207.228200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash f536a0a73a847f823b7165aeac7406bb
00681f24bf1e21b1cafb4fa3366496cdae5990ff
5b660ad648092f4b8f79c70ab1fb9ce4e396ae856750f31ed2768c464628cea9
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 22:59:50 GMT
date: Fri, 09 Dec 2022 22:59:50 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 564 B IP 216.58.211.3:0
Hash 6bc6aba084231b8729a00a87d8c3e415
85afaad835647d0d1f8bfed26d47288326e2f52e
ec160d7e67888bbac246e2ba7f3ef7a4609c959d6155f4e2ff8b76b6044c91b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6190
Expires: Sat, 10 Dec 2022 00:43:01 GMT
Date: Fri, 09 Dec 2022 22:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6190
Expires: Sat, 10 Dec 2022 00:43:01 GMT
Date: Fri, 09 Dec 2022 22:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6190
Expires: Sat, 10 Dec 2022 00:43:01 GMT
Date: Fri, 09 Dec 2022 22:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6190
Expires: Sat, 10 Dec 2022 00:43:01 GMT
Date: Fri, 09 Dec 2022 22:59:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 51 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
Hash b79f50e2d76be49bf9bc4c3dacc29bcf
a69c4fcf95dc098f870f01dd18a9ce8f3a23b6b9
caeebe5084c603604c293fb7cc0c8381049189a6cb84f2d10eb6476aff69f298
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 67964
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00ad01d32ff690b4a28f6d0555c7e146
c607a2782213afcc058882ffa11a08860a6de034
b5896253222e132fa68f11fba133195a20e4aad94f8cdbfef747ded7e9243b0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7444
x-amzn-requestid: eaf9e585-6b52-46c3-a62a-fa591bbf2204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5f7BEV6IAMFbIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ad13-3cab7e35787037ec74ff6e31;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:48:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q-JwtoYGsFkpCudY52QAzpwi-93TU1Eh_1szsnTQp1jHpILapcn5PQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
etag: "c607a2782213afcc058882ffa11a08860a6de034"
content-type: image/jpeg
age: 3860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
Hash 34a88e217c0297691bb8a93041ddebdd
c6f683dc7785b38763506938143195f3a7fcf737
fe41e65f259b7235210de9cd7bd105f543d2715776b42fafb5b324a1de409fa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 3374
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 3850
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F_FNF6MAvQjqQ9kTGvu8lERPdurC-ZyLWtxQ5Ezs1OBUUmejNwiQ4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:13 GMT
age: 3578
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a5e9d0cddf26cf3a1478d2942f2478
e8a228a857a414f04108c84670ed7bc74534407c
3a15851f412000f1647057745348bc6f6e2f0cfe481ca7a72f6e94fab8d5e52e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12990
x-amzn-requestid: 2e4f71f3-b81d-4822-a13a-e8367a76aa20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMREp3IAMFRJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-447650995616ab6a09780380;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D3mXg-fDM59RiUxg-BxZNdAQG4_iGSTcxhleWiDkSmwlOdxS8SGhDA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 3860
etag: "e8a228a857a414f04108c84670ed7bc74534407c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 21:34:02 GMT
expires: Fri, 09 Dec 2022 23:34:02 GMT
cache-control: public, max-age=7200
age: 5149
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1&z=815108361
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1&z=815108361
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1&z=815108361 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 22:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.bc0a4c72d88d266f15af.js
18.173.5.77200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc0a4c72d88d266f15af.js
IP 18.173.5.77:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 2375e31c5dc0ca09d740bee5c1486c2b
d68ad5ffd79e99af40377945f2f41db8b6f00ad0
2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb
GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 acf2dd107c5d6d9bebe3457b4f66431e.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: 5AILA6uMuonqQzXZjhIMdhmx7g7HGBMSXfki_JXlm9n44nus59MzjA==
age: 203085
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0ce34908aae2f54cabfcef71d0e6665
02ed7b537989141ac64b836bcab09a6e3eff313f
eff59096bd0af95b7cafd67753c11e264b576e1d92b97d054c478cb333d422b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 22:59:51 GMT
Last-Modified: Fri, 09 Dec 2022 22:10:23 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GZ-1yoJEzyX0a48ZxP8cC0iuQbOfh5TUXMBq31q9ZEswywCgPcl7mw==
Age: 2968
manager.eu.smartlook.cloud/rec/setup-recording/website
35.157.143.226200 OK 70 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP 35.157.143.226:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 536ea6acc350b7cd088bb192cc72b759
9c01c4c8d9ee1839d8a6f547219baee07a7de63e
ffda52cd15f4fdd13595223661990ed34c1949a66b38d7a2c8fa02a0712a03e9
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://wazamba.com
Content-Length: 122
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://wazamba.com
Access-Control-Expose-Headers: Retry-After
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Dec 2022 22:59:51 GMT
Retry-After: 3600
sl-trace-id: QFWSx9dXEIFbVIe5zfzAm
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
104.16.152.45200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Thu, 15 Dec 2022 17:30:43 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 636044
accept-ranges: bytes
server: cloudflare
cf-ray: 77715a875d04b509-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
104.16.152.45200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 24 Nov 2022 20:52:48 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 2081222
accept-ranges: bytes
server: cloudflare
cf-ray: 77715a877d28b509-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
104.16.152.45200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Thu, 15 Dec 2022 18:28:48 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 636044
accept-ranges: bytes
server: cloudflare
cf-ray: 77715a878d2fb509-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
104.16.152.45200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Thu, 15 Dec 2022 18:34:53 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 636044
accept-ranges: bytes
server: cloudflare
cf-ray: 77715a878d2bb509-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
104.16.152.45200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 802069
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77715a878d31b509-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
104.16.152.45200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 548108
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77715a87ad4fb509-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4fed77d3b49f08b04115006374dc5214
b18de58d1c3a6795ab5a277cf9a5ab39783f182e
3840dcf10a13d169e253e87126d84e702cc74f1c7b03e074ab5e090dbae1db49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3246
Cache-Control: max-age=96903
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Etag: "639288c0-118"
Expires: Sun, 11 Dec 2022 01:54:54 GMT
Last-Modified: Fri, 09 Dec 2022 01:00:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
18.173.5.4200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 18.173.5.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 62106b168ab54fb8472f59ef6c264a5c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: wFPLItdwd_6W40OAV4tY4QtuvdkRgS2e4num7S8IR81sVT_ZufyAdQ==
age: 1417785
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=2122776951&_gaz=1&cid=1242282493.1670626790&ul=en-us&sr=1280x1024&_s=1&sid=1670626789&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_F6FE18C2FFDA441B9D035FABCD860272%26clickid%3Dw4puksk9269i2e2l2v43p880%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=2122776951&_gaz=1&cid=1242282493.1670626790&ul=en-us&sr=1280x1024&_s=1&sid=1670626789&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_F6FE18C2FFDA441B9D035FABCD860272%26clickid%3Dw4puksk9269i2e2l2v43p880%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=2122776951&_gaz=1&cid=1242282493.1670626790&ul=en-us&sr=1280x1024&_s=1&sid=1670626789&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_F6FE18C2FFDA441B9D035FABCD860272%26clickid%3Dw4puksk9269i2e2l2v43p880%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 09 Dec 2022 22:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1
64.233.165.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1
IP 64.233.165.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=1242282493.1670626790>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 09 Dec 2022 22:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
192.124.249.22200 OK 2.2 kB IP 192.124.249.22:0
Hash 5a1fd16f35ac901cc9684dae4a02589a
8d33ab6ac61d92f8eaa8721d29c3bbd404e597bd
3b1c402141e290ce08812172616c8f9dc51d04c52451cc92272fc5a8d556573b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 20:09:47 GMT
Expires: Sat, 10 Dec 2022 20:09:47 GMT
ETag: "9e84a6e47e991dc54bbf753a98b5bf615b8744bc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
959f2f7d-da79-41ac-80d1-b6fdfc5a5762.seondnsresolve.com/
143.204.55.48200 OK 633 B URL HTTP/2 959f2f7d-da79-41ac-80d1-b6fdfc5a5762.seondnsresolve.com/
IP 143.204.55.48:0
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash ce749818a9f2cf805b11caf426b40dc2
f6e3628adf7fe4ef9f1fb82fe1dda3429463f7ae
54284be7adc6230c3c1e065c8de5458479682cf0933aa782b5b480288ed0b351
POST / HTTP/1.1
Host: 959f2f7d-da79-41ac-80d1-b6fdfc5a5762.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Fri, 09 Dec 2022 22:59:51 GMT
x-amzn-requestid: 47c0c11e-57cb-4f71-879e-17b078e4ca0e
access-control-allow-origin: *
x-amz-apigw-id: c5qcQGXrjoEFhfg=
x-amzn-trace-id: Root=1-6393bde7-00860195672c73120e3a074e;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UXTiP35Qc8ATA03PR2TU2C_pD3Jg29CCNrX1zYOQOBghzNB64-jTVA==
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 12 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
Hash 3e11ed14fe5face1d1c7ceed7b881041
537336350856c4cf52920a68094c8313d59d2563
101e5bf1a0c23f9a830e9fb37a37a41602b6f41a9170ddc298e18bc9186ac190
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 206389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
216.58.211.3200 OK 876 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
IP 216.58.211.3:0
File type PNG image data, 448 x 27, 8-bit colormap, non-interlaced\012- data
Hash 580415c3c85beca71c72fa43020ea874
e8dfd3813162b2e6d68c18cff3d1407ad57ec4c5
d3002b62c0ea887516ee9b51fb50be6f4f5711ecbc05a794687a7d1598a4d4b1
POST /s/gts1p5/CHXiRz4wi-U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
54.236.68.122200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP 54.236.68.122:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 329
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 22:59:51 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 90709
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
Hash 9dbf74456f74379af9eae36027687ffc
53e080c430238de22e2cb15560de1f6617c8b029
0fc14c889b7cf536383e8a6ad7a56f8620c0c0de01b55755f99e5d03e7cb2b5e
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 109149
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Fri, 09 Dec 2022 22:59:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 22:59:52 GMT
content-length: 20
set-cookie: CxtId=6bdeac0e-755b-4608-844b-651205267bd0; Domain=.connextra.com; Expires=Sun, 08-Dec-2024 22:59:52 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202212092259; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 22:59:52 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
23.38.200.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 23.38.200.207:0
Hash 4b5a6161f3ed3caf5689739a3a8cdf23
fbf5f45c67c19b7a11a6793e64817ef790235c38
403d3a159a1ff342ad5138bf797bc3a2f483b2263b902790da104e16a712069a
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master iad-pixel-x14 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 22:59:51 GMT
Date: Fri, 09 Dec 2022 22:59:52 GMT
Connection: keep-alive
Set-Cookie: uuid=2f566393-bde8-4000-821e-fc2c97384fe1; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 22:59:52 GMT; SameSite=None; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 73a7602e4733c9bf6ab78aaf4d267c52
cc6498210fdeabe840a1d63d4fa954a8e0a055ec
5422df3bef8cc8cab0647d693ddcba122f73c7512d0924e9811c5c21ae3f36b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5460
Cache-Control: max-age=87610
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:53 GMT
Etag: "63925bcf-1d7"
Expires: Sat, 10 Dec 2022 23:20:03 GMT
Last-Modified: Thu, 08 Dec 2022 21:49:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
185.89.210.122200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 185.89.210.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e6b0ca90-3360-45e4-9c73-574b685e2812
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=31078906&t=2
185.89.210.122307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP 185.89.210.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: af1891bc-aee2-4af8-a6bd-e6018672beca
Set-Cookie: uuid2=5127297712783462566; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 22:59:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.132.241302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.132.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master zrh-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=adea6393-bdea-4900-abfa-a2801efdc72b; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 22:59:54 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/adea6393-bdea-4900-abfa-a2801efdc72b
Expires: Fri, 09 Dec 2022 22:59:52 GMT
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2b12c162d1e963f2af2e705ae1986669
65627a07bc1b8516a69b3f030b15a4954a55d620
bb5e5bd886ca0a35e3574e09d7592344116ebb099f0d10105f45a8f48fba343c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 22:59:53 GMT
Last-Modified: Fri, 09 Dec 2022 21:14:33 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mDAsmbt0LdJjke_yRD-960FIV56o5wF2WhKGNszbkARW69a5wBBRyw==
Age: 6320
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6ae18c059329ef75278055b4ec017da1
9dc25d3dbb5beeb8a9341546b21189170e33e589
d2a0954ebfd0000c9b65cc84c14c173ddb79d73a363fe73ac354930bc40dbcdb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101448
Date: Fri, 09 Dec 2022 22:59:53 GMT
Etag: "63929f31-1d7"
Expires: Sun, 11 Dec 2022 03:10:41 GMT
Last-Modified: Fri, 09 Dec 2022 02:36:33 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XdNv0w2AbfzxHOku51utGCaSkEAFpbbNkFrjDqg7W-sVfBBhWA5JkA==
Age: 2048
match.prod.bidr.io/cookie-sync/geniussports
52.213.165.172303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 52.213.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 22:59:53 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 09 Dec 2022 23:09:53 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
63.32.161.99303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP 63.32.161.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 22:59:53 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 09 Dec 2022 23:09:53 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=2f566393-bde8-4000-821e-fc2c97384fe1&no_iframe=1&mt_adid=256810&source=mathtag
23.38.200.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=2f566393-bde8-4000-821e-fc2c97384fe1&no_iframe=1&mt_adid=256810&source=mathtag
IP 23.38.200.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=2f566393-bde8-4000-821e-fc2c97384fe1&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master iad-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 22:59:52 GMT
Date: Fri, 09 Dec 2022 22:59:53 GMT
Connection: keep-alive
sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light
34.102.156.252200 OK 91 B URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light
IP 34.102.156.252:0
Hash 0aa16cb7cc4febd41a88d742b0bdc5dd
b72a5fedd97990f22bed2c39c22be474af2d5a50
889a6d8f402c8bae96b20a89d7113fc980be51bbccf83fbef46ef1bff463d733
GET /api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=Light HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 22:59:52 GMT
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
185.89.210.122200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP 185.89.210.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 7692b38e-2a51-4ce7-9690-6b22e1b66de0
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?fvvVe+!]tbP6j2F-XstGt!@Dmp$rPE3; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 22:59:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
52.213.165.172303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 52.213.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 22:59:53 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
63.32.161.99200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP 63.32.161.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 09 Dec 2022 22:59:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
zz.connextra.com/sync/data/uid/6c883bd680/adea6393-bdea-4900-abfa-a2801efdc72b
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/adea6393-bdea-4900-abfa-a2801efdc72b
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/adea6393-bdea-4900-abfa-a2801efdc72b HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 09 Dec 2022 22:59:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 22:59:53 GMT
content-length: 64
set-cookie: CxtId=d45d34d7-cd23-4f3a-9527-c5bcb2f2ac5b; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 22:59:53 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Cadea6393-bdea-4900-abfa-a2801efdc72b; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 22:59:53 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 35cf854d2d432c960a27bf1fb3c1acc7
0776661a6a8ca17950cc37b5a8002d46a9230f4d
4efbe4fa402bee0baa8c91dbd341545126758e9ad2edc7f64da5c47f02207833
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151840
Date: Fri, 09 Dec 2022 22:59:53 GMT
Etag: "6393535d-1d7"
Expires: Sun, 11 Dec 2022 17:10:33 GMT
Last-Modified: Fri, 09 Dec 2022 15:25:17 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2-yj9o4S53nFF9g0b4_r15AiLehJuH5Bcjt_ZeRHNEfb0G6SMbMGKQ==
Age: 6316
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5fa0ed8ba6909a6884c799bf7547c9fd
922231aa4a727ba5633bce0b2db3783af738e9fb
fdb838933041830a1d6a5a952bd7d8ba744f89ca3741c79aa2b8cdee81d5d32b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 21:59:17 GMT
Expires: Sat, 10 Dec 2022 21:59:17 GMT
ETag: "922231aa4a727ba5633bce0b2db3783af738e9fb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5fa0ed8ba6909a6884c799bf7547c9fd
922231aa4a727ba5633bce0b2db3783af738e9fb
fdb838933041830a1d6a5a952bd7d8ba744f89ca3741c79aa2b8cdee81d5d32b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 21:59:17 GMT
Expires: Sat, 10 Dec 2022 21:59:17 GMT
ETag: "922231aa4a727ba5633bce0b2db3783af738e9fb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5fa0ed8ba6909a6884c799bf7547c9fd
922231aa4a727ba5633bce0b2db3783af738e9fb
fdb838933041830a1d6a5a952bd7d8ba744f89ca3741c79aa2b8cdee81d5d32b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 21:59:17 GMT
Expires: Sat, 10 Dec 2022 21:59:17 GMT
ETag: "922231aa4a727ba5633bce0b2db3783af738e9fb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5fa0ed8ba6909a6884c799bf7547c9fd
922231aa4a727ba5633bce0b2db3783af738e9fb
fdb838933041830a1d6a5a952bd7d8ba744f89ca3741c79aa2b8cdee81d5d32b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 21:59:17 GMT
Expires: Sat, 10 Dec 2022 21:59:17 GMT
ETag: "922231aa4a727ba5633bce0b2db3783af738e9fb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5fa0ed8ba6909a6884c799bf7547c9fd
922231aa4a727ba5633bce0b2db3783af738e9fb
fdb838933041830a1d6a5a952bd7d8ba744f89ca3741c79aa2b8cdee81d5d32b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 22:59:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 21:59:17 GMT
Expires: Sat, 10 Dec 2022 21:59:17 GMT
ETag: "922231aa4a727ba5633bce0b2db3783af738e9fb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
5.79.108.106204 No Content 0 B URL HTTP/1.1 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 5.79.108.106:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 204 No Content
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 14400
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
5.79.108.106204 No Content 0 B URL HTTP/1.1 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 5.79.108.106:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 204 No Content
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 14400
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
5.79.108.107204 No Content 0 B URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 5.79.108.107:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 204 No Content
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 14400
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
5.79.108.106200 OK 72 B URL HTTP/1.1 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 5.79.108.106:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 390406eff768f9cbbffd928bb5cafdb7
618a24b27a6620e8499ac5942ac55e6cfd7fb593
56e2df3addeca698a846301e56be8dda12116c795db1f03ef6242b849be12f43
POST /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 99
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 72
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
5.79.108.106200 OK 293 B URL HTTP/1.1 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 5.79.108.106:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 357561576c24eb45e5dbf09d62aaf58d
e3b747d78d599f185ff62132f0b26c15e2226213
2143191ebabc915818c475f334ab894b88c2bb93248b1d65a84a3c2ae0763e79
POST /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 293
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
5.79.108.107200 OK 168 B URL HTTP/1.1 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 5.79.108.107:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 4bb0d8e93664d62c57f559f97ceae40a
590fbdb8542ffc1771c62e09c8b8aaf4b2fc03ff
52b5a77257d63de4bf03810962dda90f839a54b0bc4ce03103e35bd1a60fc151
POST /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.0
Date: Fri, 09 Dec 2022 22:59:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 168
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Forwarded-Proto: https
Strict-Transport-Security: max-age=15552000
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Fri, 09 Dec 2022 22:59:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 22:59:54 GMT
content-length: 64
set-cookie: CxtId=082f8ad2-6978-4690-8f90-9bb9d6b7ad4a; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 22:59:54 GMT; Path=/; Secure
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
23.38.200.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master iad-pixel-x7 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 22:59:53 GMT
Date: Fri, 09 Dec 2022 22:59:54 GMT
Connection: keep-alive
Set-Cookie: uuid=58bc6393-bdea-4100-ab90-c0459e7c79c7; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 22:59:54 GMT; SameSite=None; Secure
sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
34.102.156.252200 OK 867 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 34.102.156.252:0
File type JSON data\012- , ASCII text, with very long lines (1741), with no line terminators
Hash 3b2b5b1e9bfb76ca1047a0223dfd61a2
dbb0ed92ebc03c9ca1a9dc2703dc0ca4bfa26cf3
19154a27cfeaf1448a4c5a79edc94c2cdc3b8b1b556d840cd7ea94e19c10ab82
GET /api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 22:59:54 GMT
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 34002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8890f5e036857bbaa9d91d6ad9ed9ae1
d98d2caf3a93903e4562c52d162d2679a2b1f5e1
2c13f2209d35c0049748e32cd8833ae51bd65cdbf5aea7c8e7488403fa95daa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:59:55 GMT
Etag: "6392c95f-117"
Server: ECS (amb/6BBA)
Content-Length: 279
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/3f2e471b05c4b88ed0424b2e7ed65ea9-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
54.230.111.75200 OK 49 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/3f2e471b05c4b88ed0424b2e7ed65ea9-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.75:0
Hash 6453726e4fe51fe7e9bb995fe2eaa3e7
0bafab33bbe62727e401b519f77a1d7062ab9c98
ac06dbad8f5b88edfc3a9f949c795ac1f06da34affd7a97d886e0bbd14670d4c
GET /sealassets/3f2e471b05c4b88ed0424b2e7ed65ea9-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Fri, 09 Dec 2022 22:58:57 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777159355c8a994a-FRA
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8A7Wq6L51Kb1jR6xTppdv_ICWfsWmLxlxsOCTTmfQv_Uuca302OmfQ==
age: 58
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
54.230.111.75200 OK 68 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 54.230.111.75:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sat, 12 Nov 2022 13:28:27 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Im92khT7BNg5iy8BkijXmPbjn3einM61SWw5wzvG_htHxU7zhKro7g==
age: 2367089
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
54.230.111.75200 OK 1.3 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP 54.230.111.75:0
Hash fb0f46fdb07e0066e5ae96773a8c6df8
3945d8047c3457b44dd656044bcb427e29d4b3b0
dd28d00ce3b6484c20ea7b37f887c2b5ce9659c7b815c7479705a1c31debe778
GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 09 Dec 2022 22:58:56 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c6f-JJsUmYx5HH/Q0nIIu9G89JBCSzc"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7771593199af9969-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: So1Zx1P-3rP0iBTm6erZAJWka9o72u-ZrHo6i9C1BF9Pi2nLN-aOfg==
age: 59
X-Firefox-Spdy: h2
wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=0ujHH6PUss-_kWKfAKAV
45.8.107.169101 Switching Protocols 21 kB URL HTTP/1.1 wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=0ujHH6PUss-_kWKfAKAV
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
Hash 336f325bdfb947040e281ac03fff1d9c
c5f4e703f913fbd4a2e37fa3d4b0ec8431015a1e
2225f73d85e61bcc1cb4e7fb8cbb2c3579bf728253a812e21735c45f488a4bf2
GET /socket/?lang=no&EIO=3&transport=websocket&sid=0ujHH6PUss-_kWKfAKAV HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6bnECDpOOKx+FIeNeytyVw==
Connection: keep-alive, Upgrade
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=1e28c5f748ce0eead7d03b9b58b1e370; _ga_F5V35L3FQK=GS1.1.1670626789.1.0.1670626790.59.0.0; _ga=GA1.2.1242282493.1670626790; _gid=GA1.2.1303558736.1670626790; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6ImNkZTY1MDAxLTJlYWQtNTIxMi1iNmYwLTlkMDg2YjAzN2FlZiIsImNyZWF0ZWQiOjE2NzA2MjY3OTAzNjYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6ImM2YjI5NDdhLTVkMDctNGNkMC04ZmUxLTdkNmE4NWZhZDdiZCIsImNyZWF0ZWQiOjE2NzA2MjY3OTI1NTEsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; io=0ujHH6PUss-_kWKfAKAV
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 22:59:55 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i/aSsTMSW8mI70X2ME/zWXHfsxg=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77715aa19bd21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OJv7Tpr&sid=0ujHH6PUss-_kWKfAKAV
45.8.107.169200 OK 3 B URL HTTP/2 wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OJv7Tpr&sid=0ujHH6PUss-_kWKfAKAV
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket/?lang=no&EIO=3&transport=polling&t=OJv7Tpr&sid=0ujHH6PUss-_kWKfAKAV HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=1e28c5f748ce0eead7d03b9b58b1e370; _ga_F5V35L3FQK=GS1.1.1670626789.1.0.1670626790.59.0.0; _ga=GA1.2.1242282493.1670626790; _gid=GA1.2.1303558736.1670626790; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6ImNkZTY1MDAxLTJlYWQtNTIxMi1iNmYwLTlkMDg2YjAzN2FlZiIsImNyZWF0ZWQiOjE2NzA2MjY3OTAzNjYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6ImM2YjI5NDdhLTVkMDctNGNkMC04ZmUxLTdkNmE4NWZhZDdiZCIsImNyZWF0ZWQiOjE2NzA2MjY3OTI1NTEsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; io=0ujHH6PUss-_kWKfAKAV
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 3
access-control-allow-origin: *
set-cookie: io=0ujHH6PUss-_kWKfAKAV; Path=/; HttpOnly
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77715aa1ca1ab518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js
104.18.72.113200 OK 50 kB URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js
IP 104.18.72.113:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 901932fae912637d2da025ae82a69173
7adf66fd50b4f95b263a895d6a045b4a5e22b617
45c39ebde015824e02c1427922559a2a62a0cb387615601f4ecc3e55023a2ab8
GET /web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: kQxEq3PPgdlY1izeEv6n0+5L58b/ITSlUdeAgxFrQDahT14Bhsm7+xNrXVPTPIUhwHGl5xrsJd0=
x-amz-request-id: RCXM3W9R7Q7QX0Y1
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:08:34 GMT
etag: W/"846098504af683a844d3f70b804bf01b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:08:32 GMT
x-amz-version-id: cgk7b96mG7gQJ0zeZheRUETOiRKsbvR5
cf-cache-status: HIT
age: 237254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk8FPJ2E6dEBkAvBaGmL4MWhDmaZmUoGi9AHp%2BsIt4KLDuV4gn%2BHP2c7x0phhXPr8CtA%2B8Y%2By0yETZlCsaRkyc59ne%2BW1Qz%2B8Yyu4L3loEw3BTyLrqayqBv99jRrHnLTi%2FUUwPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715a9e1ac50afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e385bf1729eaf45d4bea1bea71a3818f
5759fec356f348c0d0f32ca8c58b5e0c73a128ce
649067ad176cee52c17aea6c7e5c4522a30c9c5e9707ae3902c2511f630aa3f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155345
Date: Fri, 09 Dec 2022 22:59:56 GMT
Etag: "63936e17-1d7"
Expires: Sun, 11 Dec 2022 18:09:01 GMT
Last-Modified: Fri, 09 Dec 2022 17:19:19 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GKCUNdRWig-e58bA4_uq1rbFCkAVfBjYnvWYmmrXCRRXu0NrK48HjA==
Age: 2982
wazamba.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjQwOTEsImNvbmZpZ0xvYWRUaW1lIjozMzd9LCJidWlkIjoiNjU4ZmQ4ZTI4NWNkNDllOWExNWFkY2MyMWIwNzljMGQiLCJzdWlkIjoiYTZmOTcwMWZhMmE5NGY5YWJjODVmYjVlMjk4OWU3MDciLCJ2ZXJzaW9uIjoiNDIxMjgwOCIsInRpbWVzdGFtcCI6IjIwMjItMTItMDlUMjI6NTk6NTUuMjg5WiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vP2J0YWc9NjU4OTE1X0Y2RkUxOEMyRkZEQTQ0MUI5RDAzNUZBQkNEODYwMjcyJmNsaWNraWQ9dzRwdWtzazkyNjlpMmUybDJ2NDNwODgwJk1TSUQ9MjA1Mjc3MCZCSUQ9NTM5NiJ9
104.16.51.111200 OK 886 B URL HTTP/2 wazamba.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjQwOTEsImNvbmZpZ0xvYWRUaW1lIjozMzd9LCJidWlkIjoiNjU4ZmQ4ZTI4NWNkNDllOWExNWFkY2MyMWIwNzljMGQiLCJzdWlkIjoiYTZmOTcwMWZhMmE5NGY5YWJjODVmYjVlMjk4OWU3MDciLCJ2ZXJzaW9uIjoiNDIxMjgwOCIsInRpbWVzdGFtcCI6IjIwMjItMTItMDlUMjI6NTk6NTUuMjg5WiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vP2J0YWc9NjU4OTE1X0Y2RkUxOEMyRkZEQTQ0MUI5RDAzNUZBQkNEODYwMjcyJmNsaWNraWQ9dzRwdWtzazkyNjlpMmUybDJ2NDNwODgwJk1TSUQ9MjA1Mjc3MCZCSUQ9NTM5NiJ9
IP 104.16.51.111:0
File type gzip compressed data, max compression\012- data
Hash 1e7e371ce5b1fd3f1d8e8a563fd27c8b
dda763cd516879d55a36e6bbc1fed98cddb2d93a
e30ca87a06b98956122607a535bae511c32393348266bbfb67ca441dbd85b60d
GET /embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjQwOTEsImNvbmZpZ0xvYWRUaW1lIjozMzd9LCJidWlkIjoiNjU4ZmQ4ZTI4NWNkNDllOWExNWFkY2MyMWIwNzljMGQiLCJzdWlkIjoiYTZmOTcwMWZhMmE5NGY5YWJjODVmYjVlMjk4OWU3MDciLCJ2ZXJzaW9uIjoiNDIxMjgwOCIsInRpbWVzdGFtcCI6IjIwMjItMTItMDlUMjI6NTk6NTUuMjg5WiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vP2J0YWc9NjU4OTE1X0Y2RkUxOEMyRkZEQTQ0MUI5RDAzNUZBQkNEODYwMjcyJmNsaWNraWQ9dzRwdWtzazkyNjlpMmUybDJ2NDNwODgwJk1TSUQ9MjA1Mjc3MCZCSUQ9NTM5NiJ9 HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:56 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 77715aa5ec5cb506-ARN
last-modified: Fri, 09 Dec 2022 22:59:56 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xkXCQiIvf2SpRPoJTR7BkXlQRT7kpRuyykrk9jxcbmFixEl%2FspHwW3M%2FIMDecv%2F4VFwwRVT2zitYoaNCLfRPbpaJhp3hETS%2Bl0w8id9%2BFZQqWcR3Cq56mXGZwvLUMeZLPxehBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=7564c89a42d08ad6e66693adb04e0ad72869ec4e-1670626796; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77715aa5ec5cb506-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-4212808.js
104.18.72.113200 OK 5.4 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-4212808.js
IP 104.18.72.113:0
File type Unicode text, UTF-8 text, with very long lines (25705), with no line terminators
Hash 123df2a4049db37c85b8f4005cf902cb
bd652f0c1d39bd5e5aa87992727935d9910fcfd4
b1be2f1021130425b474dde416b33455fcaae6dc000e5cceb7625df7ca3447d4
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Q/xF2UzGqc9jo4F1Fh/RK3GZnneyF6xSguGwMJyR/dGmXed0JSC0cSnG3PkrFdmChFZbCO2YkP0=
x-amz-request-id: HVFBF36VBSQ1QMP2
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:17 GMT
etag: W/"10d9a30eac6ed106c66673278428cd9d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:16 GMT
x-amz-version-id: 2Of2J_0BW4gHfLo4FaFs3fNXjdJu8Wkt
cf-cache-status: HIT
age: 237248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejZwdbItQMRvR8hg9E3gtX3l%2BprKZiDp3Mzsh36Ecp9rgM2%2B%2FVm8Yrw%2BlXLpqaddzR2YOVy9iDWfeOPyjLvH2K4HvskEhNYRzwH3etWt2FnHPsfr%2BHIeJftS7tJAPPQZM87xD2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715aa4d8c20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-mediator.zopim.com/s/W/ws/zvBUikWdhTdXUGeE/c/1670626795412
18.194.216.163101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/zvBUikWdhTdXUGeE/c/1670626795412
IP 18.194.216.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/zvBUikWdhTdXUGeE/c/1670626795412 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7wVjZVpFOhEIXuHHlOsBeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 22:59:56 GMT
Connection: upgrade
Set-Cookie: AWSALB=HWHZIablfGBA6B/8JCaQMm4ygVdnMDeZYYlfvqfLhSRr+poLExmiQ6KkP0tMAtdqHZ6VaE0ONEprqVfnmrUYPO7iizyBR5xamuXMUnAt0j3TXLu12JkIQAtcPWAq; Expires=Fri, 16 Dec 2022 22:59:56 GMT; Path=/
AWSALBCORS=HWHZIablfGBA6B/8JCaQMm4ygVdnMDeZYYlfvqfLhSRr+poLExmiQ6KkP0tMAtdqHZ6VaE0ONEprqVfnmrUYPO7iizyBR5xamuXMUnAt0j3TXLu12JkIQAtcPWAq; Expires=Fri, 16 Dec 2022 22:59:56 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: M9TZoaf0NVppp/+ZExSc/7SYYt0=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9f369c6-4ce5-4eaa-9070-5c8609b145d1.png
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9f369c6-4ce5-4eaa-9070-5c8609b145d1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f812f19fa34380de62bc57a879fa24f
102e8572c0ec9be444a976a6ac79e7d389651c46
07a0114317594dff40692d964fdeca4cf22e4324546866042c8712577346d107
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9f369c6-4ce5-4eaa-9070-5c8609b145d1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3924
x-amzn-requestid: b211e655-f36c-44c1-b316-5bdeea6b0921
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMHG4ZoAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-75cd56ea0479970e3be4275e;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DB4kdpnob3tyFg5JwkA3zxfZzZUpHhOir1ltQklWOR2YjAZRfg43MQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:45:27 GMT
age: 4470
etag: "102e8572c0ec9be444a976a6ac79e7d389651c46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
34.102.156.252200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 34.102.156.252:0
GET /api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 22:59:54 GMT
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-4212808.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-4212808.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-classic-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 8fgeJmvzV9g3aEYPep2pW+u7LQtzvCeT43XJN95yzCbh3pkHrD6nfzmX4QFJNjQwZzobKuNdGHc=
x-amz-request-id: MJA1GD7PX5YDFTXQ
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:15 GMT
etag: W/"b7d94d855c96dca34cd270640fe85359"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:14 GMT
x-amz-version-id: 2mvSx0Vz1zz6nZ5il_Trrwv7JRXSTPvm
cf-cache-status: HIT
age: 237254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io0%2BsHyVg0cGSaAerfnmNr05D46wIdhTZXq53q%2Fh%2FmAOSrDJ9LLV6Psrr%2Fcg6pfGXmicwXJnNzjqNCnSvM66Bj%2Fi33UGDpj0seJCTKckpRjY2P%2FISKnTWNNmjZhpiRwHylRKFa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715aa24e2c0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-4212808.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-4212808.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-5324-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Yxda4rTUCK5tfUyHyqBrXl257NQYXNZX0o/5hjTgkHcFvlCjEtPPHE7dT2+JFS4xsC6oiGlfbzw=
x-amz-request-id: MJA49NTZ2SWD6TVJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:15 GMT
etag: W/"e1a5eb43c758a5aa0a97b3533d076fe4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:14 GMT
x-amz-version-id: uC88k1onX06vCw4ldk2U9IU3BlwUL_5l
cf-cache-status: HIT
age: 237255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeddrIC8Md6iRs3aadPhSJlr5E%2BLjrjgIeOI863%2BRN3enVIOQn5kBhkK%2FlgDMc9JN6UdjWYcKE15EqYZR9EPqwaVwJqeksBpMBZCdf%2Fa23m1UxFHC4pztqJqGXXypCXhEZJHLRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715aa30efd0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2021928/visit-data?sv=6
99.80.16.123200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2021928/visit-data?sv=6
IP 99.80.16.123:0
POST /api/v2/client/sites/2021928/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 150
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:53 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/christmas-promo/styles.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/christmas-promo/styles.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /christmas-promo/styles.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: text/css
cf-ray: 77715a7d6e2c0b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"638efcab-a384"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=41860
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742541
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP 143.204.55.37:0
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 09 Dec 2022 22:59:01 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/a14e22b9ecb44f18e1fec67e0abb381d
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 424klwl59wA_HVHHyxKJj062i-VTNqe3bRSVzzSViHRykNJh3eXmsg==
age: 50
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.70.113200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.70.113:0
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:54 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"b34e45487cc8e0891a1072c5f63a0273"
x-request-id: 775affed3d990a24-YYZ, 775affed3d990a24-YYZ
x-runtime: 0.002071
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOGwzugPsiUnrmfWHhLiKM%2FbsmOrEyh%2Bm%2BO8cxNmd6HofEeGrvPLjvvIGB4accQWQuZLN0iYllBXu7iE%2BNLO9fapyAz5tYFBwMJ9qiwXBCAeScswMoab3yxVTG%2BhTOsIK8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715a945bcbb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP 142.250.74.74:0
GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:59:50 GMT
date: Fri, 09 Dec 2022 22:59:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-4212808.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-4212808.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-8165-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: qetaW30z8PDoz51vrFZTdIrI8eI5VmK/cAmsNTgKeGpBmGRv4ygt5107GJGLcZIOShTAnjV+jsM=
x-amz-request-id: MJA95499P2DANQB9
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:15 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:14 GMT
x-amz-version-id: VqNkD3Z7Y3yN06zeOVNHtMoSr7PkASZj
cf-cache-status: HIT
age: 237255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGBbCqyDxvEKB7fIuVE%2BNBIWL8ICNrn%2FukS6%2FZkvFLKsMmJrV%2FQdud9WDobnwuxD9bbO1RCEKfe%2ByDtx5uTXpSkyb0t1Qwb9QFwJHqMy5eiT85%2BQvmigNx74GRuuhMIE5LH4M1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715aa30efb0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:49 GMT
content-type: text/html
cf-ray: 77715a7ccd9f0b55-OSL
age: 172
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Fri Dec 09 2022 22:56:57 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626677357
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/index.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/index.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /index.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: text/css
cf-ray: 77715a7d6e240b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"638efcab-9ffdc"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742529
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP 142.250.74.74:0
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:59:50 GMT
date: Fri, 09 Dec 2022 22:59:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:51 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 60
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQHTQBbqUO4u0uMx%2FKrfRnjl0J9vm1OiPJD6ZvaHGCqc2FXMx%2BYPTNN9mtT7%2Fi3ifdthHOuorGigczpmFIpMJspEB6fR0ia8JXGrvVVczEXOAwLzql9PssjrvpVB%2FEAmf9u%2BkJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 77715a8818410afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
34.102.156.252200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
IP 34.102.156.252:0
GET /api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 22:59:53 GMT
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wazamba.com/preloader.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/preloader.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /preloader.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: text/css
cf-ray: 77715a7d6e220b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"638efcab-604"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1540
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742521
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/funid-index.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/funid-index.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /funid-index.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/?btag=658915_F6FE18C2FFDA441B9D035FABCD860272&clickid=w4puksk9269i2e2l2v43p880&MSID=2052770&BID=5396
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:59:50 GMT
content-type: text/css
cf-ray: 77715a7d6e280b55-OSL
access-control-allow-origin: *
age: 108
etag: W/"638efcab-24dd"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=9437
cf-revalidated: Fri Dec 09 2022 22:58:02 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670626742518
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2