mobile1.fun/om/bx/ooredoochest/
302 Found 0 B URL HTTP/1.1 mobile1.fun/om/bx/ooredoochest/
IP
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /om/bx/ooredoochest/ HTTP/1.1
Host: mobile1.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 30 Dec 2022 14:14:33 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //ak.lanopoon.net/4/5087048?var=ag_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20384
Expires: Fri, 30 Dec 2022 19:54:17 GMT
Date: Fri, 30 Dec 2022 14:14:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17443
Expires: Fri, 30 Dec 2022 19:05:16 GMT
Date: Fri, 30 Dec 2022 14:14:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 30 Dec 2022 13:35:33 GMT
content-type: application/json
age: 2340
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 428881081ad357fb55af33ebf9d12c16
29b7be72f76da07db4a03fb1bc57ffe16d520a22
9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Fri, 30 Dec 2022 17:34:30 GMT
Date: Fri, 30 Dec 2022 14:14:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MEajrCkA2Bw+1IHSsX5+I5978G/wIkfIuu2zbzf+LKkIf4+0blcPGoN3zC+WMbImCbjMVzIJuO8=
x-amz-request-id: CK8KB5PWKS22WXZA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Dec 2022 13:57:02 GMT
age: 1051
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 14:14:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ag_error
200 OK 927 B URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ag_error
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481)
Hash 2b2e834b62ae349cb641618db0016f14
078b11c0444543de20da7008dcf1051e87a75895
8be0532453d928f251ea81962c80e3f4bd7721569f7c3b60eeffdb43baa2ce20
GET /4/5087048?var=ag_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: 31d17674b3c5dcfe1413dc90487acd50
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Fri, 30 Dec 2022 14:14:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 30 Dec 2022 14:14:33 GMT
Content-Length: 927
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=804648d2197b493ebd4d9319e2d590a9; expires=Sat, 30 Dec 2023 14:14:33 GMT; path=/
oaidts=1672409673; expires=Sat, 30 Dec 2023 14:14:33 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000825&visitor_id=632694629363618126&rdk=rk1
302 Found 0 B URL HTTP/2 voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000825&visitor_id=632694629363618126&rdk=rk1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000825&visitor_id=632694629363618126&rdk=rk1 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 30 Dec 2022 14:14:33 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=w6v2n3qjnr7pquhl2cf6sr4g
pragma: no-cache
set-cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=E8cCIH6-jhx19NU8aBfG0_FFbKKQqNklDIDHyfaQwAA; Max-Age=86400; Expires=Sat, 31-Dec-2022 14:14:33 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=cqwNnyKVfdgWorNyClj42Z2WfPm1aG0mDaTNSzH3dqQ1XchNL3YurBUcORr6z6alQAYJUN0Nn9CUqPZu7FntrQpgpbhfhGt94fOsA2G9oHPR%2BgniNmrHLJwxWDkE77rH%2B2do%2FpkbcIU7C6R7PC2ubA%3D%3D; Max-Age=31536000; Expires=Sat, 30-Dec-2023 14:14:33 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ea77e8061f4e5eb041d7ba81a93ab1ce
07a57d2a4c725b5508a7dcf65501fb5a8ea8f395
264f9e839d07b7c6ff5402252ea5421e5f13c53efc3903165a24c050332c5382
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "264F9E839D07B7C6FF5402252EA5421E5F13C53EFC3903165A24C050332C5382"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7239
Expires: Fri, 30 Dec 2022 16:15:12 GMT
Date: Fri, 30 Dec 2022 14:14:33 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=804648d2197b493ebd4d9319e2d590a9
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=804648d2197b493ebd4d9319e2d590a9
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=804648d2197b493ebd4d9319e2d590a9 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 14:14:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=804648d2197b493ebd4d9319e2d590a9; expires=Sat, 30 Dec 2023 14:14:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ak.lanopoon.net/favicon.ico
204 No Content 0 B URL HTTP/1.1 ak.lanopoon.net/favicon.ico
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=804648d2197b493ebd4d9319e2d590a9; oaidts=1672409673
HTTP/1.1 204 No Content
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=2591964
Date: Fri, 30 Dec 2022 14:14:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 30 Dec 2022 14:08:08 GMT
age: 386
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=w6v2n3qjnr7pquhl2cf6sr4g
307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=w6v2n3qjnr7pquhl2cf6sr4g
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=w6v2n3qjnr7pquhl2cf6sr4g HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 30 Dec 2022 14:14:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 30 Dec 2022 14:14:34 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1360468%2c%22BID%22%3a9131%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1672409674094)%5c%2f%22%2c%22CookieTag%22%3a%2291311360468451240919C202212301414%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22565891151%7c1%22%7d%5d; domain=.lptrak.com; expires=Sun, 30-Dec-3021 14:14:34 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=53
X-Firefox-Spdy: h2
wazamba100.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
IP
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 30 Dec 2022 14:14:34 GMT
content-length: 0
location: https://wazamba.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
vary: Accept-Encoding
server: cloudflare
cf-ray: 781b61efbe24b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 666
Cache-Control: max-age=154999
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Etag: "63aeaa27-1d7"
Expires: Sun, 01 Jan 2023 09:17:53 GMT
Last-Modified: Fri, 30 Dec 2022 09:06:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 280 B IP
Hash e440c77a9419c95fd2e6a899c8ed84d5
07b6c2a6449cd8fda819f3830f05be5bde88eb65
5d7e436d4b68c444a49027eb6e14adbb6008034194d6c8424186eac24a805a29
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3580
Cache-Control: max-age=92410
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Etag: "63adaa48-118"
Expires: Sat, 31 Dec 2022 15:54:44 GMT
Last-Modified: Thu, 29 Dec 2022 14:55:04 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 3.5 kB IP
Hash fa27c883f7a4066404897c6e493e5af6
e016321f25a665676f4c21b5028ed4615fa2c74c
5e2b2184b633a6dc9ccc591b03a26e81ba72d0167da6ec11d9af6d24c1235992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6010
Cache-Control: max-age=104182
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Etag: "63adcec6-118"
Expires: Sat, 31 Dec 2022 19:10:56 GMT
Last-Modified: Thu, 29 Dec 2022 17:30:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 76cbec9f16aa86443ee15e71d84ff8ee
5553f619cf45df21a74d1b5b0fb65e1a5717be45
0afb9710c22630969ad33eece17100dfb136820bd2ccad92c47435e5d3969ab0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f9470f5c8a231f657a6f7d935a4946cc
d301aea9a620161d224ca417d4483b19edc43895
9244d582f8e01055e71e13468b4ca7cbce79556e968696885348219ba5066424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
200 OK 905 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP
Hash c7f612345c6ac5ef99144afe0978ca13
3b2bec9216ebd439ebfee121e77f059e9a792f3b
afa3d761b3d43db8e8b980d48518e87f413d07f1724ba07bed395d5cb12295b8
GET /css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Dec 2022 14:14:34 GMT
date: Fri, 30 Dec 2022 14:14:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f9470f5c8a231f657a6f7d935a4946cc
d301aea9a620161d224ca417d4483b19edc43895
9244d582f8e01055e71e13468b4ca7cbce79556e968696885348219ba5066424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
200 OK 40 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash fcd52c10661ee2feee4edfd8baed8659
81add7971cf865aec30a1648e77a4fd2e8bddf3c
0c762f89baa1a7b5b50d657dd52243a8bf044bbfa5e8dc0670611877c196a1b7
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
x-served-by: cache-fra19156-FRA, cache-bma1679-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17858090
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIgzS6RLPq13QjYDBhlvh%2Bx6wQklF2EQQ8NrGWKBpttqT079ySKFP7DulKyKBWUcERMN4TDWeARa47K3L9%2FnXNctA5O%2FZVMgR8mpev0oWNP34sueGonWqmI9r5%2FsUWHy66E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781b61f1bcb5b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WS5qFjEOpPLOPX6BF9peYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kItSoJL3p6+omYiWAkqnolaL9p4=
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
200 OK 134 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 134 kB (133566 bytes)
Hash 46bd1bff40b6d5ff064f1a348223639b
dd7f57ac077eb5f875f06c977dc7117f5c7226e1
84bfbaae66d9079e6582e37731846bcef1c3d702384650adc728dc7c3cf33ef8
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Dec 2022 14:14:34 GMT
expires: Fri, 30 Dec 2022 14:14:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 15 kB IP
Hash 54716e0f3caaa831472a9be944b1f91e
d05d86d850455021f5a868eb0da7bb1953bb47ed
e99fc781442e1a7ab01b8ac9cdee1410fd0453aa6efb7c2eb1b0d452e2546f20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP
Hash fba718d283713c78023d882e875961b3
e7e8892bf13c3d3ab1c3a4a79f0010b6587476cc
9984e0cebf27db56feec5d7105e4f1ab9986877ca6223c3fb9e6f1821b8e01dd
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Dec 2022 14:14:34 GMT
date: Fri, 30 Dec 2022 14:14:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e32f9058a80b75023ad61e3374073c3f
02770853d46faff3c33cebefc3c6818f3d584234
77fb78220d2fa569aaf7af5cbfdb62a6e7d3d5d14749b7052b983e696c24bd8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4267
Cache-Control: max-age=99221
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Etag: "63adc234-117"
Expires: Sat, 31 Dec 2022 17:48:15 GMT
Last-Modified: Thu, 29 Dec 2022 16:37:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
200 OK 70 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP
Hash bc1787f5f28a1c6295764f5be4ba5117
5f9f800dd047fa1273036512170902d9f3ba3e43
cb241f4c50218a09130db0cff7bad0db0a095135513b2733c50714f03d915dfd
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1671453642579
200 OK 216 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1671453642579
IP
Size 216 kB (216418 bytes)
Hash 840b2dd8036e9accc5a905b362c99200
3b8d4d0a2dd8e02f7f63693557ad38064a04909b
3a149721634623cb3d8a4dff0031445f497c9065317f377a2650b9a6c62a8c62
GET /altenarWSDK.js?build=1671453642579 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv4wkoeTf-VC7UQjT1MnkUhmYj9FnHcNhnVVqfxCFQR34YQZvSoa9oG4VNgiL53gV9pDSfW41Msxu0WPKu9pgZcpOdV6SLp
x-goog-generation: 1672123526502985
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 114295
x-goog-meta-goog-reserved-file-mtime: 1672123508
content-encoding: gzip
x-goog-hash: crc32c=SKtaIQ==, md5=hFoX2JFA06P1xhjTrE/QLQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 114295
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 30 Dec 2022 14:14:35 GMT
expires: Fri, 30 Dec 2022 14:14:35 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 27 Dec 2022 06:45:26 GMT
etag: "845a17d89140d3a3f5c618d3ac4fd02d"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
200 OK 101 kB URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP
File type C source, ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (101321 bytes)
Hash 9116c3beb06320f3f453356b8c7e8034
08db60022912538df30a47202dd59c2630dcff6a
a1192cd51086b244a1abb3456efa20d25aec57167a884e07cacf3df62062a80f
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lfQSyMfl5FDv_gdFig_llGMw_73yEfPcalep6M8YWplz6gDXPCEe8g==
cf-cache-status: HIT
age: 3329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFxBQdTdGb3SR3RkRF4QBHeb46aFiLxLy%2BU2TBQaysvCyHormmHHZvd3E5qPqJ4yW6VmUI5kcNXin88gqRFJtSYGZhbWyAXRgz7RbqKTrttWcZEGEaOQb18rMjhoiZwwPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781b61f19c7eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
200 OK 17 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.css
IP
Hash 14e2bc37863315233df178043f69a7c6
bd2c04180a180da434c6a50d8dc9151dba1b8d90
0879f39b89a2675e809774d0461e9a84685c668a57b8fa3aa49bf6c490cec578
GET /webpush/1/webpush.css HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 16571
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 29 Dec 2022 14:40:40 GMT
ETag: "14e2bc37863315233df178043f69a7c6"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6q-4tNhMhjIzdBRO4xb5X0aT31-hptJ_xJ0icPCX7uMS7bXsvAAISw==
Age: 84836
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
200 OK 38 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
IP
Hash 7f4d3e7149cec9d4cef65539f7c767f3
6e3d447c6834967ccc335aa55a3cb849c648ffa5
b0465392ae22806156f2bd6d3569ce6397c0cfc2b5bb1cdc1c60ed6c05f4c79a
GET /webpush/1/webpush.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 38381
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 29 Dec 2022 21:11:05 GMT
ETag: "7f4d3e7149cec9d4cef65539f7c767f3"
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IHcLHEE8lw-laKPWDkPJmvZKU_lrWN3zzUSdcJBpsskVHqCjABhRxw==
Age: 61411
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2771)
Hash ee093d1706a726403e55b592bc2cdf2f
a0149f1735e321d3a7af1b27fa5023ba14f66953
b825a2b9c885382cbb9c98646ea7dea18d248332b8dd38c5691903c4dbf769b6
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16608
cache-control: must-revalidate, max-age=297
expires: Fri, 30 Dec 2022 14:19:32 GMT
date: Fri, 30 Dec 2022 14:14:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1508f9408437ced9bbd6b48225e1741b
78d277893ec49b3afc979648a440848cf60d09d5
078374d7d32746787bfc992114ea69a39d5491b5c428c069f1444bd607fe4fc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:35 GMT
Last-Modified: Fri, 30 Dec 2022 12:52:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 14:14:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 682cbddcfdb68a8e77dc78949bf5bbc1
1ea7c9b419854f0ef2e28430e885a82fc74017a1
4d721442aeafdf78f7969d62c2557a8e353e81eb9a056c393f96965aeaf90f4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash dffa4cd32dff0a7f6d9f30e6aff1162a
40d06bc27f3c15a8e1ba50e59859cbb7f22a7795
e5336a1644148eb438c7c45abd4d7f41613f770989b0729ecf625a38f6942718
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 30 Dec 2022 14:14:35 GMT
date: Fri, 30 Dec 2022 14:14:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 1.2 kB IP
Hash 127656b632682fc8e1ff87900c714cba
022763c86ce963ace9d1be37dc9e17dbdd90962b
1b5c4e8c09a81ff32ad1a96a5924a5f06cef8436861dc19ac116810b28cfbc91
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 30 Dec 2022 12:41:11 GMT
expires: Fri, 30 Dec 2022 14:41:11 GMT
cache-control: public, max-age=7200
age: 5604
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b09274f35f179f5864c1239bc5cab72
bdcba81321107acec70cf2473bdd19b4b99590e1
8fa4c07e35ccbf18d0821d7f84d680401fc0e3ffb7ec21d98afce1a10ff31679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 08:42:55 GMT
expires: Sat, 30 Dec 2023 08:42:55 GMT
cache-control: public, max-age=31536000
age: 19900
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2245
Expires: Fri, 30 Dec 2022 14:52:00 GMT
Date: Fri, 30 Dec 2022 14:14:35 GMT
Connection: keep-alive
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1&z=1133674624
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1&z=1133674624
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1&z=1133674624 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 14:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
200 OK 8.3 kB URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP
File type ASCII text, with very long lines (7679)
Hash c5238f3f4c9d32b1ec351db717de6100
689a19bdecffc8b9b4ca786628fb33585154eddb
4ccbe3a251b6526e3261d79147f0bec602db3bd8ceab27b71d92891a0b04fd36
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 30 Dec 2022 14:13:53 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/7b7a154e0df3fb1d4d8d411fc9e7c2a3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cv-nfWjX9ia2aDYGdxJuwMD5J71MP6Iw83Q_h05vvyrYgd91G6DwNw==
age: 42
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ebe131c7787411178a93d045ba57b5a
40b601b6ad3a3d7738b5b55777981598f4dc0519
68ea133b346bd1f76cd7b4dcf5023d8f987935dff380bacec73dec957effb97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11516
x-amzn-requestid: e4e9ceeb-b2e5-454f-9550-d412fc0be82a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aRLGuqoAMF3JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0a6d-6ed43b46144121dc2dd7db2f;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k0PrvFSOqoZYQXx_0QjokoJbSVcXMpPcLFw2qrfQvyvegLMw4rghTA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:16:26 GMT
age: 57489
etag: "40b601b6ad3a3d7738b5b55777981598f4dc0519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e270e4d21abb133d068a56a552b1708
2d5c698f982dcdb9a86de4e45e30d7caf9b42336
723573f9908c5a2aa1d3dfe1146a764d7052c866ff2076a9096daccf5697328b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11775
x-amzn-requestid: 5a37b577-ac86-4cab-a580-865059074844
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aqKGzTIAMFmIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b0d-7de39bba5583d757794dbd9e;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4OqJ-KiLeDe3iVqhLUhzcqiWrDHc3sZa808qTuPMDLdhP6FOFdGhkg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:10:15 GMT
etag: "2d5c698f982dcdb9a86de4e45e30d7caf9b42336"
content-type: image/jpeg
age: 57860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51406d6bd4a7322a475fc2a98267154e
9fa03002aa1974d4a9557cedad8bd5d7fefa52ad
a1858d9fd203972f0dc3fe97f36e07796b84f6e2851c9990d406f452793e3454
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aacfdf9-29e5-4cca-88eb-1d7fb007e520.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11315
x-amzn-requestid: 77dd9348-e3a9-448e-8ae9-499d5d672a41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4GZpGTRIAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb770-7dec07d1447e6f10125b8b6f;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:38:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lfojNVZMHGD1YfOqiMgEwTOi_6uPqkVJ_gbQ0PKo5CLFycpcY89T1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 21:42:30 GMT
age: 59525
etag: "9fa03002aa1974d4a9557cedad8bd5d7fefa52ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f02288213f270c5a4a8944107c81e9
d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea
770e6cc997aafc1c0485af4fa413fa255868a5d333e8e60e7de90b4c74bf29bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8494
x-amzn-requestid: 8dc4c6ae-ecb5-427d-be0a-535585f19b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZUXHR1IAMFn4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08e8-326ee70106b8fa9d2c4d540b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fR6Tky8KiadgDTqrGN7QKIldTbOm8rIxJXZOtT6FyjBC6gafdCd33A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:38 GMT
age: 58377
etag: "d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d21812b8907c0410fcf07b8a245fd97
f9f4289b4f79af75f646f2c72de68dcb679f0c10
7c720ceaf934e04af379535b8fe63685314abc18033e95ed24deb29b3e34e744
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8101
x-amzn-requestid: cdcbc49a-d707-4123-ade4-cb15af5c87d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7a21FInoAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b5e-3e9cf62117217e6a1157f231;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:49:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WUUKdG7_nEJW5qtYxQBep_w_ySyzsDOIu-3ToocqJi47NWnfvGTueg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:23:09 GMT
etag: "f9f4289b4f79af75f646f2c72de68dcb679f0c10"
content-type: image/jpeg
age: 57086
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf
GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SM4cON2hxKrUj5pitd3w9H0W-9mMQdfI2P82FgDbLaSEvcSCVdgxcA==
age: 713250
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b09274f35f179f5864c1239bc5cab72
bdcba81321107acec70cf2473bdd19b4b99590e1
8fa4c07e35ccbf18d0821d7f84d680401fc0e3ffb7ec21d98afce1a10ff31679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1773773756&_gaz=1&cid=101019086.1672409669&ul=en-us&sr=1280x1024&_s=1&sid=1672409669&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_877E9C57F7A94FB58F672BC78914B438%26clickid%3Dw6v2n3qjnr7pquhl2cf6sr4g%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1773773756&_gaz=1&cid=101019086.1672409669&ul=en-us&sr=1280x1024&_s=1&sid=1672409669&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_877E9C57F7A94FB58F672BC78914B438%26clickid%3Dw6v2n3qjnr7pquhl2cf6sr4g%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1773773756&_gaz=1&cid=101019086.1672409669&ul=en-us&sr=1280x1024&_s=1&sid=1672409669&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_877E9C57F7A94FB58F672BC78914B438%26clickid%3Dw6v2n3qjnr7pquhl2cf6sr4g%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 30 Dec 2022 14:14:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash b5ee3a4eaa12130ceb6816b79ae7a08b
a21e2f7e30dae521ffd191430f2860637e67b615
b8b2e5c79b35c155769863ee28a93da609ba8f55502b14fc0013452888e0c553
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5172
Cache-Control: max-age=90744
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Etag: "63ad9d90-116"
Expires: Sat, 31 Dec 2022 15:27:00 GMT
Last-Modified: Thu, 29 Dec 2022 14:00:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f9886f7d939bc5ceabc7979a8c88c551
f8b60ed626d10fdaf357a3b14218d2063683a8cb
d57a2b9931924a5bd3637b13a45226115633a2193424483ec8136aa9b3e66c51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash b5ee3a4eaa12130ceb6816b79ae7a08b
a21e2f7e30dae521ffd191430f2860637e67b615
b8b2e5c79b35c155769863ee28a93da609ba8f55502b14fc0013452888e0c553
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5172
Cache-Control: max-age=90744
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Etag: "63ad9d90-116"
Expires: Sat, 31 Dec 2022 15:27:00 GMT
Last-Modified: Thu, 29 Dec 2022 14:00:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 29 Dec 2022 18:35:52 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 1185688
accept-ranges: bytes
server: cloudflare
cf-ray: 781b61fbc92c0b3d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash b5ee3a4eaa12130ceb6816b79ae7a08b
a21e2f7e30dae521ffd191430f2860637e67b615
b8b2e5c79b35c155769863ee28a93da609ba8f55502b14fc0013452888e0c553
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=91567
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Etag: "63ad9d90-116"
Expires: Sat, 31 Dec 2022 15:40:43 GMT
Last-Modified: Thu, 29 Dec 2022 14:00:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash b5ee3a4eaa12130ceb6816b79ae7a08b
a21e2f7e30dae521ffd191430f2860637e67b615
b8b2e5c79b35c155769863ee28a93da609ba8f55502b14fc0013452888e0c553
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1661
Cache-Control: max-age=87233
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Etag: "63ad9d90-116"
Expires: Sat, 31 Dec 2022 14:28:29 GMT
Last-Modified: Thu, 29 Dec 2022 14:00:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 2584954
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 781b61fbe9390b3d-OSL
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=101019086.1672409669>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 30 Dec 2022 14:14:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 2330993
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 781b61fbf9400b3d-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Thu, 15 Dec 2022 18:28:48 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2418929
accept-ranges: bytes
server: cloudflare
cf-ray: 781b61fbf9430b3d-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Thu, 15 Dec 2022 18:34:53 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2418929
accept-ranges: bytes
server: cloudflare
cf-ray: 781b61fc09520b3d-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Thu, 15 Dec 2022 17:30:43 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 2418929
accept-ranges: bytes
server: cloudflare
cf-ray: 781b61fc29620b3d-OSL
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tXQSK_a5PMmNh91JieTVA2OB258CwgDBh8tRa3UVJ2oZMoeAL5ImgA==
age: 3200670
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f9886f7d939bc5ceabc7979a8c88c551
f8b60ed626d10fdaf357a3b14218d2063683a8cb
d57a2b9931924a5bd3637b13a45226115633a2193424483ec8136aa9b3e66c51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b6255e52-99d1-4799-9f2e-2ae7aca3b6a4.seondnsresolve.com/
200 OK 633 B URL HTTP/2 b6255e52-99d1-4799-9f2e-2ae7aca3b6a4.seondnsresolve.com/
IP
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash 548dbd26a30ceb2747fba71e30a76cfc
ced9e4b59af62b514c90ef7e1fdcd191b2ee0378
3afa3d2e7dac4c2ee241303b700e091371f3eb126f7531656b65fd126af5c0d3
POST / HTTP/1.1
Host: b6255e52-99d1-4799-9f2e-2ae7aca3b6a4.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Fri, 30 Dec 2022 14:14:36 GMT
x-amzn-requestid: 0380a0e9-8e8c-4319-8194-c692f91ddff2
access-control-allow-origin: *
x-amz-apigw-id: d9rL8FaXDoEFxjw=
x-amzn-trace-id: Root=1-63aef24c-0485843d08cbe1524857547a;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xJzH9Mxu2y258mGph-3g1JNizZzwxrJoXjLXLPuO_GE_hIqOa2JhdQ==
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
200 OK 14 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP
File type ASCII text, with very long lines (23416), with no line terminators
Hash f7f7612ca0bab9ac05ae3cd9e54508f1
20f2abfbdae97c23c40dbbb3ebb87a3f0288fdd0
62a0eefb87156cabb209a015cf32b74ef98a4b81e5cb7b311e774dc9bc28891e
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:36 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i01tt2RpzbcH3FjcTP%2Fi7v8czkGh1BLDgeB2HVTBT1fh96abRZT3MEUj803lUV5rKBundtNttSehE8EBYQWEn8qote5hC8WZ0bXOqbIQWnijZNLOcVad3T42tgkHG8kD5KV4rSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b61fc4dfcfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash d49360b986c03a91b865e730754dc17a
3470107d7aae8e9943fab062a9271efd67dcd134
fcab233ed676d5349b5b187c23893e0d7e25a4dbf999c1485b9e08174f3f097e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 30 Dec 2022 14:14:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 29 Dec 2022 21:14:56 GMT
Expires: Fri, 30 Dec 2022 21:14:56 GMT
ETag: "3470107d7aae8e9943fab062a9271efd67dcd134"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 14:14:36 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
200 OK 224 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP
File type JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Hash 186e8b148bdce8710cb195e94116b77d
87cb5b55feecd6303bb9d16cdac943fc3cf4c4f4
61bdd64eb53d7b8e29fbab95a406f2cc1048e415ae1edcec1e6f361d59c4bb90
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:37 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"a642a5836165559c2fb6164cd39866d8"
x-request-id: 77a44b9bbdfd0b02-STL, 77a44b9bbdfd0b02-STL
x-runtime: 0.001742
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FKgH8oPgpiJco0GKVegM028HWVVbgxlNT%2BzM1S2uqu3aob5d1xhtrcOrmZgrbuzBXqr01nywaz7CvxtIRBj%2BCodmEI4yWCIV1iz2PaEQeNt5mJzHjwVqJPZpQY2SdCKc8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b61ff1fa0b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
200 OK 291 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP
Hash 0e0b9201a99fea26a23b577479a41b54
9e0c1ccbfa61a81f33321e19b33f574a099eec0c
8c5dcd445e3ac9932df5776c66d0b177b4cf59ddf285f21b513c2b0fa97277c9
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
expires: Fri, 30 Dec 2022 14:14:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 30 Dec 2022 14:14:37 GMT
set-cookie: CxtId=d98ba24b-88f9-41c7-9596-c14cd38e8546; Domain=.connextra.com; Expires=Sun, 29-Dec-2024 14:14:37 GMT; Path=/; Secure; SameSite=None
Wazamba=P%7Clandingpage%7C1%7C202212301414; Domain=.connextra.com; Expires=Sat, 30-Dec-2023 14:14:37 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP
Hash 2e43cdb133b1aa1a3889d4b0c4e5c6b6
b3f76c88595abc9df33867d47a3f753d6c33a435
5e3b0f31092019abcd16ec39890d1649ea2ab8373a5dfcd2d5353419cddf696a
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master ord-pixel-x3 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 30 Dec 2022 14:14:36 GMT
Date: Fri, 30 Dec 2022 14:14:37 GMT
Connection: keep-alive
Set-Cookie: uuid=d0a063ae-f24d-4300-8c4d-b23cc1397c27; domain=.mathtag.com; path=/; expires=Sat, 27-Jan-2024 14:14:37 GMT; SameSite=None; Secure
secure.adnxs.com/seg?add=31078906&t=2
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 30 Dec 2022 14:14:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: 5ecf4dcf-d589-4b0c-b32a-d8f68fe9b547
Set-Cookie: uuid2=3194700394311849054; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 30-Mar-2023 14:14:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 7316afc6698197f9d76c91de26a19659
03dbe9456c4bedf39b5a9acd81f90ac81d3c4bd2
1fc954b3c549ff4ef976b874b94c3ed5f44c580a45692bb2464007a8bbceaa30
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3322
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:37 GMT
Last-Modified: Fri, 30 Dec 2022 13:19:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 30 Dec 2022 14:14:37 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master cdg-pixel-x35 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=70f863ae-f24d-4600-ae48-03f608d752bd; domain=.mathtag.com; path=/; expires=Sat, 27-Jan-2024 14:14:37 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/70f863ae-f24d-4600-ae48-03f608d752bd
Expires: Fri, 30 Dec 2022 14:14:36 GMT
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
200 OK 4.6 kB URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
Hash 8edf535c44114da894e357d864296120
40f513a9e15108bf5332b22df21a8fcbcfb94d7c
8a49da41027b4029409b70c64455e4dd63958cee1ed22f130efdf8abff3b1df9
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 30 Dec 2022 14:14:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0939d1cc-aaa6-4e71-8ad4-a1ce4bdfbd2f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.mathtag.com/sync/iframe?mt_uuid=d0a063ae-f24d-4300-8c4d-b23cc1397c27&no_iframe=1&mt_adid=256810&source=mathtag
200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=d0a063ae-f24d-4300-8c4d-b23cc1397c27&no_iframe=1&mt_adid=256810&source=mathtag
IP
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=d0a063ae-f24d-4300-8c4d-b23cc1397c27&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master iad-pixel-x21 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 30 Dec 2022 14:14:36 GMT
Date: Fri, 30 Dec 2022 14:14:37 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash dd8b98ff834d812332fec11fe6a7c297
3af5a39d8cbea388a3edf7b0ffd903b46a9c7b77
21f85e4c3516614fd783648651bdb20299b8efbcb38ce0e3973050b411b4be6e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Dec 2022 14:14:37 GMT
Etag: "63ae02f6-1d7"
Last-Modified: Fri, 30 Dec 2022 13:27:35 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DrS3ZNUOJsB_-pRbDbHMeN-ZorsvTXYibK4cjLHI1334a2XPnak8MA==
Age: 2822
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 00db65b1d238eb78ca2bffecfd77c479
c03a6e8304991aebd8eb491f24048c01d9714206
d9c8e291b74400aed10d02d6374a0487bf7a50a0aed72ff5882ffe8c64db2e59
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166956
Date: Fri, 30 Dec 2022 14:14:37 GMT
Etag: "63aeca8f-1d7"
Expires: Sun, 01 Jan 2023 12:37:13 GMT
Last-Modified: Fri, 30 Dec 2022 11:25:03 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: moh1qqWGnRdJce1ztMoWF6FiC5r5FfavGBP-ReI13NYCE0uS47a3BQ==
Age: 4330
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 30 Dec 2022 14:14:37 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 30 Dec 2022 14:24:37 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 30 Dec 2022 14:14:37 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 30 Dec 2022 14:24:37 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 30 Dec 2022 14:14:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 154763c0-bade-41ea-80a8-6dce0d505332
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C'$oW+vF!]tbP6j2F-XstGt!@Df9$p1kt; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 30-Mar-2023 14:14:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
zz.connextra.com/sync/data/uid/6c883bd680/70f863ae-f24d-4600-ae48-03f608d752bd
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/70f863ae-f24d-4600-ae48-03f608d752bd
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/70f863ae-f24d-4600-ae48-03f608d752bd HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 30 Dec 2022 14:14:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 30 Dec 2022 14:14:37 GMT
content-length: 64
set-cookie: CxtId=1f6c430b-5004-4e4f-9959-b0145ab62812; Domain=.connextra.com; Expires=Sat, 30-Dec-2023 14:14:37 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C70f863ae-f24d-4600-ae48-03f608d752bd; Domain=.connextra.com; Expires=Sat, 30-Dec-2023 14:14:37 GMT; Path=/; Secure
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 30 Dec 2022 14:14:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 30 Dec 2022 14:14:37 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
zz.connextra.com/sync/data/uid/508a5e2dd5/
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 30 Dec 2022 14:14:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 30 Dec 2022 14:14:38 GMT
content-length: 64
set-cookie: CxtId=5bc9f78d-da7d-41f5-8269-28aecf9045f7; Domain=.connextra.com; Expires=Sat, 30-Dec-2023 14:14:38 GMT; Path=/; Secure
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 277 3f0ad7a master iad-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 30 Dec 2022 14:14:37 GMT
Date: Fri, 30 Dec 2022 14:14:38 GMT
Connection: keep-alive
Set-Cookie: uuid=ca8663ae-f24e-4000-8f1f-b4314ee9031b; domain=.mathtag.com; path=/; expires=Sat, 27-Jan-2024 14:14:38 GMT; SameSite=None; Secure
ocsp.digicert.com/
200 OK 278 B IP
Hash 54d799bfe3f44202c85aafa622cc93dc
633b43a6471a80ddba289a3e47d6cfe6dcf69527
075d6680bdede1730a62fea7778f85490952f8fab31c8172ae0d8c8b53ca63c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 509
Cache-Control: max-age=142221
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 14:14:38 GMT
Etag: "63ae78de-116"
Expires: Sun, 01 Jan 2023 05:44:59 GMT
Last-Modified: Fri, 30 Dec 2022 05:36:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=D3W2eMBQl5vXIb1aAArP
101 Switching Protocols 93 B URL HTTP/1.1 wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=D3W2eMBQl5vXIb1aAArP
IP
ASN #209242 Cloudflare London, LLC
Hash 7176103a01efd14a5ce03d2bac7b6547
101cb03c915927e84daffb16bbdbfea51507dfd2
1a08981dc5d4e2395a1a2d0cc421ba5a7c9edf9f381aa0cc0cff3b2d6341adde
GET /socket/?lang=no&EIO=3&transport=websocket&sid=D3W2eMBQl5vXIb1aAArP HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CXFoyL5UQsqwUPKLHgqItA==
Connection: keep-alive, Upgrade
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=5962b04ee74baa4e17256ba2c1ebdd75; _ga_F5V35L3FQK=GS1.1.1672409669.1.0.1672409669.60.0.0; _ga=GA1.2.101019086.1672409669; _gid=GA1.2.2002428870.1672409670; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6IjA2OTYxOWVjLTVhYzEtNTMxNy04ZGRlLTQyOGQzZmU2YTExYiIsImNyZWF0ZWQiOjE2NzI0MDk2Njk5NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6IjYzYjNkM2ZhLTI0MTAtNGNjNC1hYzE0LTNjMDU1NzVkNTQ4YSIsImNyZWF0ZWQiOjE2NzI0MDk2NzA1MTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; io=D3W2eMBQl5vXIb1aAArP
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 30 Dec 2022 14:14:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YHv8a0HBAE7kagugdMwol8LLo5c=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 781b620aa95cb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
200 OK 110 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (110429 bytes)
Hash 0690c0e292a7229f064fc95318f7954e
8870a9bd88ed2d6cc24368316f32e1ebf202de13
ccf2bb8bfa1a1360749aa95e0d5cc4930eddea2303f4e9fb9aa67a1b1fcb7640
GET /web_widget/latest/classic/web-widget-5324-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: N5dT9JXWrJ6LHekTKf/mWyeV2xtYk6b8CIDMtPXNt5c/QUaa5FjHdkI91n1OR77lZMScW8RD3DY=
x-amz-request-id: F6C5FH3WES4KVVKJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"c296a94da281fc44d57ec8f4e4cfb0fa"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
cf-cache-status: HIT
age: 1249772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fl2XTWcAePcBn38bmsoWoe1AvWx4595L%2BWoFoMJDemajUROdu2yx0a6l4dhNlzcoMFAJLThuni9uy8i%2ByOpmwhDpVcAJV9PwYjnzYDp7etVNWnBx73FcIw4%2BlNVek14fPVsVPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b620adeb8fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
200 OK 243 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
IP
File type ASCII text, with very long lines (7480), with no line terminators
Size 243 kB (243226 bytes)
Hash 4fe48c7976a47f972c7bd547b12d58a4
c7d0cac4b01333ff8ef06227cb8125421248a270
40bcc87599ddc45f81adf0ac7926043b46f88771884bb08af1acdd05d6ad9a9a
GET /web_widget/latest/classic/web-widget-8165-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: lzBkPtbnz0MGLlWYKiF43Rbof1dxLmCsNcfcXrLzOnOEtJYFONekq3s/EdUhjTmo6TQFKed2bBM=
x-amz-request-id: F6C4AQZ3YDWB1VQS
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: kU1YYFzxaCl55Jp2ZazHPuUZRF69EWpK
cf-cache-status: HIT
age: 1249772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt1yzbpSv6FDf7rvaHi%2FuWSv0F3kt7wBW6itQKkQ3J9O0IA0t3m4LnpiB4ZmcTl4qwKIIKYH6QSgk8T7cM0j47Hr8LnIvxQWLGnGLRG%2BFRIa7q3meW9zD4hmLoHaep415WMW%2F2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b620adeb3fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OLZOchp&sid=D3W2eMBQl5vXIb1aAArP
200 OK 3 B URL HTTP/2 wazamba.com/socket/?lang=no&EIO=3&transport=polling&t=OLZOchp&sid=D3W2eMBQl5vXIb1aAArP
IP
ASN #209242 Cloudflare London, LLC
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket/?lang=no&EIO=3&transport=polling&t=OLZOchp&sid=D3W2eMBQl5vXIb1aAArP HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
Connection: keep-alive
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=5962b04ee74baa4e17256ba2c1ebdd75; _ga_F5V35L3FQK=GS1.1.1672409669.1.0.1672409669.60.0.0; _ga=GA1.2.101019086.1672409669; _gid=GA1.2.2002428870.1672409670; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6IjA2OTYxOWVjLTVhYzEtNTMxNy04ZGRlLTQyOGQzZmU2YTExYiIsImNyZWF0ZWQiOjE2NzI0MDk2Njk5NjksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6IjYzYjNkM2ZhLTI0MTAtNGNjNC1hYzE0LTNjMDU1NzVkNTQ4YSIsImNyZWF0ZWQiOjE2NzI0MDk2NzA1MTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; io=D3W2eMBQl5vXIb1aAArP
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 3
access-control-allow-origin: *
set-cookie: io=D3W2eMBQl5vXIb1aAArP; Path=/; HttpOnly
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 781b620ad8eab50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijk1MWE2NTViOTFiZDRiM2NhYmQ2MWU2N2E1ZTQwM2NiIiwic3VpZCI6IjMzZjhjNjAxYTFmYjQ3MGNiZWY4MTkzNmIyNDhjYTBmIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTMwVDE0OjE0OjMyLjgxOFoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vL3NlYXNvbnMvY2hyaXN0bWFzP2J0YWc9NjU4OTE1Xzg3N0U5QzU3RjdBOTRGQjU4RjY3MkJDNzg5MTRCNDM4JmNsaWNraWQ9dzZ2Mm4zcWpucjdwcXVobDJjZjZzcjRnJk1TSUQ9MTM2MDQ2OCZCSUQ9OTEzMSJ9
200 OK 0 B URL HTTP/2 wazamba.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijk1MWE2NTViOTFiZDRiM2NhYmQ2MWU2N2E1ZTQwM2NiIiwic3VpZCI6IjMzZjhjNjAxYTFmYjQ3MGNiZWY4MTkzNmIyNDhjYTBmIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTMwVDE0OjE0OjMyLjgxOFoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vL3NlYXNvbnMvY2hyaXN0bWFzP2J0YWc9NjU4OTE1Xzg3N0U5QzU3RjdBOTRGQjU4RjY3MkJDNzg5MTRCNDM4JmNsaWNraWQ9dzZ2Mm4zcWpucjdwcXVobDJjZjZzcjRnJk1TSUQ9MTM2MDQ2OCZCSUQ9OTEzMSJ9
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0IjoiY3VyYWNhbyArIE5PIn19LCJjb2xvciI6eyJ0aGVtZSI6IiM2RTM5MjNzIn19fSwiYnVpZCI6Ijk1MWE2NTViOTFiZDRiM2NhYmQ2MWU2N2E1ZTQwM2NiIiwic3VpZCI6IjMzZjhjNjAxYTFmYjQ3MGNiZWY4MTkzNmIyNDhjYTBmIiwidmVyc2lvbiI6IjgxYTNkZTciLCJ0aW1lc3RhbXAiOiIyMDIyLTEyLTMwVDE0OjE0OjMyLjgxOFoiLCJ1cmwiOiJodHRwczovL3dhemFtYmEuY29tL25vL3NlYXNvbnMvY2hyaXN0bWFzP2J0YWc9NjU4OTE1Xzg3N0U5QzU3RjdBOTRGQjU4RjY3MkJDNzg5MTRCNDM4JmNsaWNraWQ9dzZ2Mm4zcWpucjdwcXVobDJjZjZzcjRnJk1TSUQ9MTM2MDQ2OCZCSUQ9OTEzMSJ9 HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:39 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 781b620d3ec00b59-DUB
last-modified: Fri, 30 Dec 2022 14:14:39 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCYTNf%2B%2FRF4i7gNSelucHfTVVm%2B5Cbc010ueyungHUEO%2BjC5g4z%2FRLwxOYIRRGvnt7uHwmKnk4EEwAk03waUdLfRYZEK7UbkoA3iTHgKc2DvkWbXG7awa5PZdWh2VbLI115c%2FQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=58b1036a06e0f5ecbb8e647531e1c8c666d07bd5-1672409679; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 781b620d3ec00b59-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
200 OK 10 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1808)
Hash 064dea3f922552e1a7a960c2bd5583e5
22cea120be1be9bc9a11030c6717ca98bb678a3f
f7515182da6acc6bdad48a6e5a7cdb7dbba46a3026ffd4d4d50ecb9a4c21aa56
GET /web_widget/latest/classic/web-widget-classic-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Ce0nkuWjjUM/lzymVjHtiQ0M7cglO06O1GZHyYHKpApfhIFuCFdX0tcKGB1Nd+nf3sqmhVUU19M=
x-amz-request-id: F6C99C8H3KRW33CZ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"0b77084bbe255e38dfc0511ed512b1b9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: BI7BH2_wYlhqABgV_1RpW5mVt_EhVp77
cf-cache-status: HIT
age: 1249772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EgrAzLcpD1YVuSGvG47LZ5g%2FswApa2%2B9pE%2BdCvuxPMhAhbG14ykxQRfF8XT%2BsxFVqQ0eaSnbS%2BEz4AbDjTBt0tl8jeNw8lb3DmP0Dx4UQGC%2BlBoykLf4%2BuZl3YyAtmkovZVSp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b620aae88fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
manager.eu.smartlook.cloud/rec/setup-recording/website
200 OK 70 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 536ea6acc350b7cd088bb192cc72b759
9c01c4c8d9ee1839d8a6f547219baee07a7de63e
ffda52cd15f4fdd13595223661990ed34c1949a66b38d7a2c8fa02a0712a03e9
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://wazamba.com
Content-Length: 122
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://wazamba.com
Access-Control-Expose-Headers: Retry-After
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Fri, 30 Dec 2022 14:14:39 GMT
Retry-After: 3600
sl-trace-id: C-O_tvoRoag7sE7ht2M8i
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 70
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a108367c88992bc065c25712d1d03069
2d86d0d6680f04088ee03c0bfe67eb935ede9661
220cde272d91c31a36c6579184f58da3ce8878afa47650394993a949bd6e0d7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Dec 2022 14:14:39 GMT
Etag: "63adcc24-1d7"
Last-Modified: Fri, 30 Dec 2022 13:41:06 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FgIS1EQswmiNQ5YneOCuS3vMvnADbmoU10AUXPSJnEBiK4zhKbgzCQ==
Age: 2013
wazamba.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjI0NzQsImNvbmZpZ0xvYWRUaW1lIjoyOTN9LCJidWlkIjoiOTUxYTY1NWI5MWJkNGIzY2FiZDYxZTY3YTVlNDAzY2IiLCJzdWlkIjoiMzNmOGM2MDFhMWZiNDcwY2JlZjgxOTM2YjI0OGNhMGYiLCJ2ZXJzaW9uIjoiODFhM2RlNyIsInRpbWVzdGFtcCI6IjIwMjItMTItMzBUMTQ6MTQ6MzIuOTIzWiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vc2Vhc29ucy9jaHJpc3RtYXM/YnRhZz02NTg5MTVfODc3RTlDNTdGN0E5NEZCNThGNjcyQkM3ODkxNEI0MzgmY2xpY2tpZD13NnYybjNxam5yN3BxdWhsMmNmNnNyNGcmTVNJRD0xMzYwNDY4JkJJRD05MTMxIn0=
200 OK 0 B URL HTTP/2 wazamba.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjI0NzQsImNvbmZpZ0xvYWRUaW1lIjoyOTN9LCJidWlkIjoiOTUxYTY1NWI5MWJkNGIzY2FiZDYxZTY3YTVlNDAzY2IiLCJzdWlkIjoiMzNmOGM2MDFhMWZiNDcwY2JlZjgxOTM2YjI0OGNhMGYiLCJ2ZXJzaW9uIjoiODFhM2RlNyIsInRpbWVzdGFtcCI6IjIwMjItMTItMzBUMTQ6MTQ6MzIuOTIzWiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vc2Vhc29ucy9jaHJpc3RtYXM/YnRhZz02NTg5MTVfODc3RTlDNTdGN0E5NEZCNThGNjcyQkM3ODkxNEI0MzgmY2xpY2tpZD13NnYybjNxam5yN3BxdWhsMmNmNnNyNGcmTVNJRD0xMzYwNDY4JkJJRD05MTMxIn0=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjI0NzQsImNvbmZpZ0xvYWRUaW1lIjoyOTN9LCJidWlkIjoiOTUxYTY1NWI5MWJkNGIzY2FiZDYxZTY3YTVlNDAzY2IiLCJzdWlkIjoiMzNmOGM2MDFhMWZiNDcwY2JlZjgxOTM2YjI0OGNhMGYiLCJ2ZXJzaW9uIjoiODFhM2RlNyIsInRpbWVzdGFtcCI6IjIwMjItMTItMzBUMTQ6MTQ6MzIuOTIzWiIsInVybCI6Imh0dHBzOi8vd2F6YW1iYS5jb20vbm8vc2Vhc29ucy9jaHJpc3RtYXM/YnRhZz02NTg5MTVfODc3RTlDNTdGN0E5NEZCNThGNjcyQkM3ODkxNEI0MzgmY2xpY2tpZD13NnYybjNxam5yN3BxdWhsMmNmNnNyNGcmTVNJRD0xMzYwNDY4JkJJRD05MTMxIn0= HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:39 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 781b620e7f9d0b59-DUB
last-modified: Fri, 30 Dec 2022 14:14:39 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjh%2FxlvNBT3g2nS7Zi2GRl6vPLt87W4nicT2UdhTTI0Cy%2F45DXOvAb4vPcEeyulwsD%2BHhSPRGrx0NUXuHm48MlygSeO2XxEhO3UHHJuXizWttMvG%2F%2BG9VUF4KSGUprc8I1ahLks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=58b1036a06e0f5ecbb8e647531e1c8c666d07bd5-1672409679; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 781b620e7f9d0b59-OSL
X-Firefox-Spdy: h2
widget-mediator.zopim.com/s/W/ws/hCFIO+uZ+k27cfNs/c/1672409673018
101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/hCFIO+uZ+k27cfNs/c/1672409673018
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/hCFIO+uZ+k27cfNs/c/1672409673018 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPdxFs5hOdQm4iJLOBcn0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 30 Dec 2022 14:14:39 GMT
Connection: upgrade
Set-Cookie: AWSALB=63hqce3qPafCXLY5auJjssa/axrHpJmM6fQpBP4kjv3P+6Bp8od/g5nZrecuYfBeBxlFvvK8mnwjS7Ag3uy87bvhtUUsELMJP74Vjaaaz61aISVFkyd9CAjC6+fX; Expires=Fri, 06 Jan 2023 14:14:39 GMT; Path=/
AWSALBCORS=63hqce3qPafCXLY5auJjssa/axrHpJmM6fQpBP4kjv3P+6Bp8od/g5nZrecuYfBeBxlFvvK8mnwjS7Ag3uy87bvhtUUsELMJP74Vjaaaz61aISVFkyd9CAjC6+fX; Expires=Fri, 06 Jan 2023 14:14:39 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: QjZTWHwtuGfQpz5FF2E3Phbc0ms=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 21 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
File type gzip compressed data, from Unix\012- data
Hash 55482438f6a96913089f7b2f7b06a344
26cd45781df7f8f4251d4b6f18969a20ed8de5c3
9c34730e9ada5f8ee71497b164cd936ee907b26e82d1dad79fa892699839c645
GET /web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 30 Dec 2022 14:14:40 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: PEJaXGqoBVafYWDOyXRKI4XIuCV6qiqY6dKaGnywshngyobWuVmQ7I7xY7kkNKS5kDX8tP3zeaI5ugKA9F8V7A==
x-amz-request-id: 9FECFXCTYMS1KWDP
x-amz-replication-status: COMPLETED
last-modified: Sat, 05 Mar 2022 21:30:07 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Sun, 05 Mar 2023 21:30:06 GMT
x-amz-version-id: rEiIcwVoP6Gqhntax3yVPyGX.ebLEQ6h
cf-cache-status: HIT
age: 25586147
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KegN60i00UDnWyrwOI0CxFLawUAw%2BXseXUH4k7dKyZslS13FDReJy2olTqQ69F4sK746w62giRHFD964PrOGVYhG8VcjTxh8bewQYO8jdoiGhkmsgwEA3ZwrorlhgZhlKJPkpEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b62195f93fab8-OSL
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
200 OK 0 B URL HTTP/2 rec.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
IP
ASN #60068 Datacamp Limited
GET /es6/init.7171b9a4c8e511f032f0.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63a2fca2-d8e6"
last-modified: Wed, 21 Dec 2022 12:31:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1703164170
server: CDN77-Turbo
x-77-nzt: AblMCRS838P/wewLAA
x-77-nzt-ray: af585630e5f5b6e64bf2ae63dd80922b
x-cache: HIT
x-age: 781505
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1671453642579
200 OK 0 B URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1671453642579
IP
GET /api/Integration/wazamba?build=1671453642579 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:35 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 781b61f4886cfac4-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP
GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Dec 2022 14:14:34 GMT
date: Fri, 30 Dec 2022 14:14:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:39 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: dCxOKI1VihqlzZuFneeAf4EO8DIB/CgBkri9Rz6wSPiqVn9DBEruG5PWW43tzIxAqz1PrZGMfjM=
x-amz-request-id: F6C2N3SJTY8G76TW
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: _S9k0k7m14Q1JXEfLI.DU.BBCg9qJXGg
cf-cache-status: HIT
age: 1249771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BzUdg%2FMnqI3TW%2BxYtNKPf1eV%2BOCN3KyGlV5nJjRXq6WGzH0OLobCrsiEvUxuuoN2r9uHghddTg4BRsmrWAtB07WuIT%2BeFZOTKjajJMaah9Oc9mEQm4OvUN%2FOQtyfcMWk3I8niw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b620da857fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
200 OK 0 B URL HTTP/2 wazamba.com/no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131
IP
ASN #209242 Cloudflare London, LLC
GET /no/seasons/christmas?btag=658915_877E9C57F7A94FB58F672BC78914B438&clickid=w6v2n3qjnr7pquhl2cf6sr4g&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:34 GMT
content-type: text/html
cf-ray: 781b61f04adb0b4d-OSL
age: 294
last-modified: Tue, 20 Dec 2022 09:23:30 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Fri Dec 30 2022 14:09:40 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1672409440749
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 17856399
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 781b61f14eb2b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js
IP
GET /web_widget/latest/web-widget-framework-80d26f4cc026ac520e65.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: flXT3MjZXq9WFSWpPRs+IiSkjkX3+v9E8zHvt24+o/uXfRysJbOibD4IZBfnohBYxkCwc++Rpqo=
x-amz-request-id: F6CCGSFWY28CB4TK
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:41:53 GMT
etag: W/"34fbbf22dcbdf81917dd5b3e02a125e4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:41:52 GMT
x-amz-version-id: BijG1SZtZft6iu4XfUmwnaVs.g5q2jvS
cf-cache-status: HIT
age: 1249773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCGqgCUHYkuOxqRnxgX8lSK3YFSvit%2FWh49LZYOv5YxxojUiOyB34EbLETGH4LIfpCT%2BIRut%2FbXSPf5j%2F1a2lCr3N6b2ph6zSh0je%2FR4TtP7oC1d7dKszcyQP5ehVzcb1jST2vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b62082ccbfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.zendesk.com/embeddable/config
200 OK 0 B URL HTTP/2 wazamba.zendesk.com/embeddable/config
IP
GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-66f968b655-597hn
x-request-id: 781b3397da062d46-DUB
x-runtime: 0.002304
vary: Origin, Accept-Encoding
x-cached: STALE
last-modified: Fri, 30 Dec 2022 14:14:11 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE%2FxbRQXa5d4NB1f3g2aNBPUs9Iw05K9bahl%2BrLgQYtHsTSJVNkOU7wQwBOS0M0G4KHfuObEzGZw0vBCc6dhu86USxa4Ntu1gdFRu%2BRpSGVoTlH7Bv67EQmabvEr9%2BNBMgmT1w8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=670089bb005607d90f173837aa4269f01304834e-1672409678; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 781b62096bd60b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:40 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: SkcJzZn5RRlglaHLOhk1vV1v30pm0szNvelv2eyVm7RGrf9j3oUJTTfL0PSdr3Oz2xeVhjpMFg8=
x-amz-request-id: FXYJV7HX34MNB73Y
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: yTfJjWtrph2znqvc1oRNTQcv23jcfwLc
cf-cache-status: HIT
age: 1249773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlKU8fpaqy%2BWBtuB6UHHmHnqkcYikXYzOLbSq6VRMYAevR0jkr5l0WlzzyxkTGKxFtgolEZHst%2FQrLrKRlD0JBdii0kOtDIn%2FF%2BPJo4HoaQfjfaM5X4at9URDyyW0OpH2xECiF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b6218bf3efab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 14:14:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Q/WsINVJ+Z0sX1C6ewo6dm4fGCmy1q+byCALlpmYTsO763wyxLOPMW+3hlpEmMz+n7wAWQ1i9dM=
x-amz-request-id: F6CEY42KW93BNB12
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:38 GMT
etag: W/"10d9a30eac6ed106c66673278428cd9d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:37 GMT
x-amz-version-id: w19VoZjQsh3pKdlpVeLbZ8rEmUXDsh_h
cf-cache-status: HIT
age: 1249769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr2oc1aVDBQ3L0TG6144cWhkop91bSEIuxtBQbddar6yiXFW2ZykaMe9tfKXYBM1c264kkNRs1IBwaanxv3ToKGDJsqDYuje3O2WnC7n8D72SymADIV6Ie%2BQ5DAnpvJbHBFXJig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 781b620d4829fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
79.98.29.29
37.157.3.20
185.89.210.180
23.36.77.32
142.250.74.106
104.18.70.113
185.76.9.21
45.8.106.138
185.29.134.248
188.114.96.1
52.49.0.146