televip.site/ph/short/globe/
79.98.29.22302 Found 0 B URL HTTP/1.1 televip.site/ph/short/globe/
IP 79.98.29.22:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /ph/short/globe/ HTTP/1.1
Host: televip.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 28 Jan 2023 13:00:02 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: http://ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2356
Expires: Sat, 28 Jan 2023 13:39:18 GMT
Date: Sat, 28 Jan 2023 13:00:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16444
Expires: Sat, 28 Jan 2023 17:34:06 GMT
Date: Sat, 28 Jan 2023 13:00:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10532
Expires: Sat, 28 Jan 2023 15:55:34 GMT
Date: Sat, 28 Jan 2023 13:00:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 12:43:05 GMT
content-type: application/json
age: 1017
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: diWkr+9UF98zB5rM/wfnw5mSqg66k6CoUhK4O6WauRfVtZmwV6MRRqq3B3rd9OzmCPDLQfioMh6mGOIJufwT7A==
x-amz-request-id: 0A2BP9H73KDJSG7M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 12:20:58 GMT
age: 2344
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 13:00:02 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ed_error
23.36.77.9200 OK 9.2 kB URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ed_error
IP 23.36.77.9:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash 3fda2354d92637c6353da8c93fa3b2be
01a37f3049f3a65d6ac202d3cc43374fe880f2b1
4591201ed3508cdbb827b6bb0382d03ecce92c0d555f31fe5d9560a82e21c875
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: 3872a140d0a6309469622a744b0a778c
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 28 Jan 2023 13:00:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Jan 2023 13:00:02 GMT
Content-Length: 9196
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=01c5389f6f744fbf85e16bf1967dd560; expires=Sun, 28 Jan 2024 13:00:02 GMT; path=/
oaidts=1674910802; expires=Sun, 28 Jan 2024 13:00:02 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2c4380697a101b67d9f8edb80bbe917c
d031ccb76ff8aeef9f80594b3ac3a7117e1ad05d
92fcb57afd01dbdc56cdd37ff2ebfb8807a286936093b1a863d334a3826aceb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92FCB57AFD01DBDC56CDD37FF2EBFB8807A286936093B1A863D334A3826ACEB3"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1852
Expires: Sat, 28 Jan 2023 13:30:55 GMT
Date: Sat, 28 Jan 2023 13:00:03 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=01c5389f6f744fbf85e16bf1967dd560
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=01c5389f6f744fbf85e16bf1967dd560
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=01c5389f6f744fbf85e16bf1967dd560 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ak.lanopoon.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 13:00:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=01c5389f6f744fbf85e16bf1967dd560; expires=Sun, 28 Jan 2024 13:00:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
23.36.77.9302 Moved Temporarily 0 B URL HTTP/1.1 ak.lanopoon.net/?z=5087048&syncedCookie=true&rhd=false
IP 23.36.77.9:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET ADWARE_PUP Win32/Adware.Agent.NSU CnC Activity M2
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 470
Origin: http://ak.lanopoon.net
Connection: keep-alive
Referer: http://ak.lanopoon.net/afu.php?zoneid=5087048&var=5087048&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false
Cookie: OAID=01c5389f6f744fbf85e16bf1967dd560; oaidts=1674910802
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
X-Trace-Id: db6509c70d23ba83d6f18b3707dc46fe
Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.004161&visitor_id=643185125106131872&rdk=rk3
Access-Control-Allow-Origin: http://ak.lanopoon.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Expires: Sat, 28 Jan 2023 13:00:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Jan 2023 13:00:03 GMT
Connection: keep-alive
Set-Cookie: OAID=01c5389f6f744fbf85e16bf1967dd560; expires=Sun, 28 Jan 2024 13:00:03 GMT; path=/
oaidts=1674910802; expires=Sun, 28 Jan 2024 13:00:03 GMT; path=/
syncedCookie=true; expires=Sat, 04 Feb 2023 13:00:03 GMT; path=/
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ebb52ae860e35aeb31ba6d5347b8c30f
e8cf327f2307f7da76168a2472137c0b8c45ceab
e5e692eef6fd9c2a4dd9602e3522fd18ec861c80c8f9933b76bec80e50b5c497
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:00:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:07:11 GMT
Expires: Thu, 02 Feb 2023 14:07:10 GMT
Etag: "e8cf327f2307f7da76168a2472137c0b8c45ceab"
Cache-Control: max-age=435426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7909e8a84df3b505-OSL
voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.004161&visitor_id=643185125106131872&rdk=rk3
18.193.209.105302 Found 0 B URL HTTP/2 voices-kerence.com/836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.004161&visitor_id=643185125106131872&rdk=rk3
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /836cb829-7893-4133-b820-74b91c0194cf?zoneid=5087048&bannerid=16431865&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6528607&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.004161&visitor_id=643185125106131872&rdk=rk3 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 13:00:03 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w2i5mmh470pi5l7mis2t8mdi
pragma: no-cache
set-cookie: 836cb829-7893-4133-b820-74b91c0194cf-v4=Y225fuWEdbGUYk56VCedcvT_rGzRsx-NIHx5C-Oh4JE; Max-Age=86400; Expires=Sun, 29-Jan-2023 13:00:03 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=zLdlQq%2Brge9S%2BsUfhGIB6Zgg48h0wesLv5xwMikskIF4TJ9yWlsVmIWWHQdwt96lKehfwmMic0TT2GxAEDDM%2Ftm6JJraBtI867SKyuwDqq7Zwibf%2B0y037dKCU%2Fg7u2obEgRKmc46%2FqOfe8LCDkcLw%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 13:00:03 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 12:49:03 GMT
age: 660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14863
Expires: Sat, 28 Jan 2023 17:07:46 GMT
Date: Sat, 28 Jan 2023 13:00:03 GMT
Connection: keep-alive
wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w2i5mmh470pi5l7mis2t8mdi
23.36.79.32307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=2052770&bid=5396&clickid=w2i5mmh470pi5l7mis2t8mdi
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2052770&bid=5396&clickid=w2i5mmh470pi5l7mis2t8mdi HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 28 Jan 2023 13:00:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 13:00:04 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2052770%2c%22BID%22%3a5396%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674910803966)%5c%2f%22%2c%22CookieTag%22%3a%2253962052770451240919C2023128130%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22577639824%7c1%22%7d%5d; domain=.lptrak.com; expires=Mon, 28-Jan-3022 13:00:04 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=78
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.193.125101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.193.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: heKHiHTQP40NCX/lMCJGmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /8TSlbY3TZX3DMs6Jlb653m/yS4=
wazamba100.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
45.8.106.138301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
IP 45.8.106.138:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 28 Jan 2023 13:00:04 GMT
content-length: 0
location: https://wazamba.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
vary: Accept-Encoding
server: cloudflare
cf-ray: 7909e8ad7a5b1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 035e4a19e89d94f32b825fd29925af5a
fa48551e763f57df732f0e7a373c6edf3e6147b0
3981c224c2a5ced1f907b3939e7fca4f9e0ba77f254301ac893b62f63b6f0ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Last-Modified: Sat, 28 Jan 2023 11:47:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
wazamba.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
45.8.107.169200 OK 1.5 kB URL HTTP/2 wazamba.com/no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1786)
Hash b929340bbbcfed66e7fec1b566576b82
ea8fab262381f001e831d9360924adfb044d4413
6de191e016f15480439452b2f192a0551d0fe3cd6a2f7b6c9de22a7998437f16
GET /no/?btag=658915_AFE02FCF4EE84FAB8D0E16C50F2F9650&clickid=w2i5mmh470pi5l7mis2t8mdi&MSID=2052770&BID=5396 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:04 GMT
content-type: text/html
cf-ray: 7909e8ae1b19b4f9-OSL
age: 116
last-modified: Fri, 27 Jan 2023 14:07:56 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Sat Jan 28 2023 12:58:08 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1674910748490
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
151.101.129.229200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0880c171f6c1061e1a2de7c892645c86
39b9c3eedf84507430791a2f17e03a4bc4b891be
e02180112a0dee98478682fa68ebef088ef1ca2cd3052ca783212478833151a3
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 13:00:04 GMT
age: 4621111
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38325
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 2c553e9a1348629229c5cedd17239e6e
942bff6e6eff3c8cd2a2b95280dd2fc5e4e63ff9
76c2a155f6460ed283fc73386976733b06096ab593a50888491a177688ca82d8
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:00:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BFA936DA8B61701065515DB14D67B614A047EFA9"
Expires: Sun, 29 Jan 2023 00:00:00 GMT
Last-Modified: Sat, 28 Jan 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 992
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7909e8af78fdb50f-OSL
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
142.250.74.78200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP 142.250.74.78:0
File type ASCII text, with very long lines (1855)
Hash 52c0ec619250a90e888cb24fe40ca0f4
6b7d0c0b5ccb86931dd1aefb1b571aa3d16be4e6
b3447d57b4482f6fb0d01a1295e958202cce469dac372d876b1ed964a4fcbea2
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 13:00:04 GMT
expires: Sat, 28 Jan 2023 13:00:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP 142.250.74.168:0
Hash b4966be7bb15ec9899cb4bd129c38d61
51c5c6e637809c8957de279b9f5711b99aaa960e
67ba9dcd2b6710e7e584dd299d158328bf2bfd8686179c89a82bad6b4081458c
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 13:00:04 GMT
expires: Sat, 28 Jan 2023 13:00:04 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 8.4 kB IP 142.250.74.131:0
Hash 16b35556146ae5c47081a42302f709b0
a318f4bf1ffe4edd9540e8dc86c81c3fab9559a8
bf1167a908fe11d29cb32b80245bbae3ddef47502868fda77f07d56c8fe20892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 107515
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash fdcbb878088fc32f409d13f9a1bfda45
03a7c1a5a5ecd198e4f3f742d07aa847795df0d4
0d3d6dc5b8886e4ad7564d058b8408901f89cfbd062be110179fd9d792917222
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674816726507
34.120.135.117200 OK 116 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1674816726507
IP 34.120.135.117:0
File type ASCII text, with very long lines (55380)
Size 116 kB (115882 bytes)
Hash 5d2bd501c359e6c198b0bb928363af90
d50e19e543ab0d7c2892636e227af522524d9e74
b4fc058a109652ce7468d02b0fdc1c96ce75cf03e7696463fc2ee96180d41c9c
GET /altenarWSDK.js?build=1674816726507 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt7rk2c9abIRAELD2m5cFwByKtqLmTn8zEqoIMm4TGx_xC3mSggaMNQQ_sB9fqDq9kfYV4NEUM9I9QOOemfdTl7jTG5zlVl
x-goog-generation: 1674543702123891
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 115113
x-goog-meta-goog-reserved-file-mtime: 1674543679
content-encoding: gzip
x-goog-hash: crc32c=nmjldg==, md5=QFFA2dedqtkNgBByIGYERw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 115113
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 28 Jan 2023 13:00:04 GMT
expires: Sat, 28 Jan 2023 13:00:04 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 24 Jan 2023 07:01:42 GMT
etag: "405140d9d79daad90d80107220660447"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
142.250.74.131200 OK 995 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP 142.250.74.131:0
Hash e82bf8a37a93f0a2381824c80706d805
9eab1bad8ad0e7a0e38649f7260470032a901344
21832f1ad889c4669e5d6ac433cc71a26b0a025e5c4f1da5b995697a260f82f2
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 907 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash da612594d89312d36d3e07604b746357
998797a34ffd157900f1aabaedb7e222d390785f
acbb88d95356565bb5937e6a14e57e30e38df4a2ae518c77d1522028e4835c6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:05 GMT
Last-Modified: Sat, 28 Jan 2023 11:10:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
rec.smartlook.com/recorder.js
185.76.9.14200 OK 34 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
Hash fcaa97db4faf65e7176c21158408b14a
a59ad65518b2a7694bb3ce2694dc5780f91c3312
c0cc0dabba3a7d2695a75055f701da3adc812736ad77bc4e624cfc965c5fa668
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:04 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63d3d00f-c4a"
last-modified: Fri, 27 Jan 2023 13:22:23 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1674911193
server: CDN77-Turbo
x-77-nzt: AblMCQ2KRKb/0wAAAA
x-77-nzt-ray: c0a4cc28823de5c0541cd56385810c36
x-cache: HIT
x-age: 211
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
54.230.245.200200 OK 40 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.js
IP 54.230.245.200:0
Hash 80b706e34af95af481a3258e0ad8a5eb
dfbd2a36e58dc271c1d646c30d105441fb766df0
b5e61fb91c657800ecbfce5b01553c67211d47ee016828c758eda428a02e2512
GET /webpush/1/webpush.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 39674
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 08:19:49 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 28 Jan 2023 10:22:23 GMT
ETag: "80b706e34af95af481a3258e0ad8a5eb"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jfxn7CA3rGJgZ-X_OUbLv3GTYfBOtdTnjwYWTYiaFfYBHSRo_y8d6Q==
Age: 9463
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
37.157.3.20200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP 37.157.3.20:0
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 13:00:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2771)
Hash b3076ab7433f4fa9f8e717b83ba3f9b0
65acfa773288d49b160b824868a94e9b0e728386
726cc5a5bfc3d5ccde8dd2a9a7dc5059a4833c6d6980364d627f1ebac818628d
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16608
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 4
cache-control: must-revalidate, max-age=38
expires: Sat, 28 Jan 2023 13:00:43 GMT
date: Sat, 28 Jan 2023 13:00:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:00:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:00:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:00:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:00:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:00:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 51232
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3237aa3-30cf-4312-861c-8d923987ed4b.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3237aa3-30cf-4312-861c-8d923987ed4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 335cb821617fe98e993190c93c616f86
130b6f6d592f3ab052015656653a1b3ac259599d
ee90912b731ff31e52ccd404bf45ec6b6d3802247a29f9397eed153ab709df96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3237aa3-30cf-4312-861c-8d923987ed4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8569
x-amzn-requestid: d97c9436-5e2d-42a2-ad40-84c7776cdac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_rVFA_oAMF-2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44648-03ff23d6072683a067472191;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:46:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FuvSHsmeURS0TVrB-5IPYpmsovQh5OWzvsmlT2nzkDGfO2Q8gwP3Xw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:15:45 GMT
age: 53060
etag: "130b6f6d592f3ab052015656653a1b3ac259599d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 53142
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LUa_R8g8Rlv7JJA0_okht-vGe-xBSyZ5TPJTFakAHlncQPZKEdULQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 54667
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 54199
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a40be482a56db1e4d48ba4a8cf515ba
da9c7255d5840c025526c6c24354750d9ba3a4ef
fa0bfe56b97ce5cf450e4799db2fe6d5645553b71d1e2bd928df0278a81a33c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7819
x-amzn-requestid: b9c17e9a-8da5-4736-a8bc-ea430feaef8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_diGfbIAMFX2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f0-695dd291002d9cc425df0edc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gf-xQLbrbbXCRM8Q720PrSNSrvoelOoNlqbKwfiZHNIKCD_59TARLQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:03:06 GMT
etag: "da9c7255d5840c025526c6c24354750d9ba3a4ef"
content-type: image/jpeg
age: 53819
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
216.58.211.4200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP 216.58.211.4:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 04da9b971debb2f7cd15b45b030a131f
bb6ff92b10f25c5e8185ebe1e35f9e614aac45b8
ccaf84c80a6fcd5ff4d8011d4c02661cef38001fa9adf87d2d32f97a4a5b4542
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 28 Jan 2023 13:00:05 GMT
date: Sat, 28 Jan 2023 13:00:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 11:46:59 GMT
expires: Sat, 28 Jan 2023 13:46:59 GMT
cache-control: public, max-age=7200
age: 4386
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=528315482.1674910808>m=2oe1p0&aip=1&z=1299107941
142.250.74.163200 OK 6.5 kB URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=528315482.1674910808>m=2oe1p0&aip=1&z=1299107941
IP 142.250.74.163:0
Hash c12db515c94d16d05f25dc31b519cfea
0a991ad1b92f689a91a9f8747288c5de30d64623
c90c9c266ebf24edcf63cb9b6062b12945ccdc620131c9e99db4fa66eba611de
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=528315482.1674910808>m=2oe1p0&aip=1&z=1299107941 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 13:00:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.207.227200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 417031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 603 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 308a5b102f0db084d4be8087c25ac78e
7ef9be09705d0ce08fbb6fb7c329be00a33aa5e3
87d9a5e41e81c27db50bf2aa0a388f49a268fb21087f4a3e2946c7157f1455ca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 13:00:05 GMT
Last-Modified: Sat, 28 Jan 2023 11:32:23 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kaSBWRFyrlApvi3Pj32Ac5SrKlLjrfcg4BV8cLFsNsIGKOwetLJU7g==
Age: 5262
manager.eu.smartlook.cloud/rec/setup-recording/website
35.158.164.123200 OK 70 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP 35.158.164.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 536ea6acc350b7cd088bb192cc72b759
9c01c4c8d9ee1839d8a6f547219baee07a7de63e
ffda52cd15f4fdd13595223661990ed34c1949a66b38d7a2c8fa02a0712a03e9
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://wazamba.com
Content-Length: 122
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://wazamba.com
Access-Control-Expose-Headers: Retry-After
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Sat, 28 Jan 2023 13:00:05 GMT
Retry-After: 3600
sl-trace-id: fGEFJ5PcKcjhQUfoLd5_k
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.79200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.79:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rBDgUqtGHCCxeb7ABd-ivXBaptHwfJzXdkbQ4bNUGwrljl8mMKqTlA==
age: 100560
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=506937439&_gaz=1&cid=528315482.1674910808&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674910808&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_AFE02FCF4EE84FAB8D0E16C50F2F9650%26clickid%3Dw2i5mmh470pi5l7mis2t8mdi%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
216.239.32.36204 No Content 46 kB URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=506937439&_gaz=1&cid=528315482.1674910808&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674910808&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_AFE02FCF4EE84FAB8D0E16C50F2F9650%26clickid%3Dw2i5mmh470pi5l7mis2t8mdi%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP 216.239.32.36:0
Hash 6190ca8fed2f049943765dca84720c77
e22135e20697162ac7d89d467ff11004ac9d3471
642ee1d6807dc6ad706024e4f6893e2f78a8317ecd437a59718eb5c9ef5232a1
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oe1p0&_p=506937439&_gaz=1&cid=528315482.1674910808&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674910808&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2F%3Fbtag%3D658915_AFE02FCF4EE84FAB8D0E16C50F2F9650%26clickid%3Dw2i5mmh470pi5l7mis2t8mdi%26MSID%3D2052770%26BID%3D5396&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Sat, 28 Jan 2023 13:00:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.70.113200 OK 6.5 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.70.113:0
File type ASCII text, with very long lines (23416), with no line terminators
Hash f78db2dfd049f1e1dd7faa1d6f2bd9f6
9131aad360a029f548b2df4bf380c381aee786fe
2763a688441897621776e45c8c685a78edf4951bd70b83384dd4fd5281b8a261
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:05 GMT
content-type: application/javascript
x-amz-id-2: VYKORFZEK8ncQjbBiiAK6oiTYdRdkzwPfaxRM/jinB20cI8N0LqXAF6x6uRMZJVhRKA1YH5Ltb2qBhbqYLdq5g==
x-amz-request-id: EBZ4ZRD66V3TGNXR
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 25
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pepXberXMAjtUIa4aic5Hdjz3oHo6ZK0cbcfdgK8fbAc1EGydujocV2wZsM%2BxytREi7GTEAM2l8a8vxiCOSwe9%2ByXGzY%2Bg%2FtWpT37Z7h%2BUua0JNT2460PC80HrwHlHvrfud2Oc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8b8c991b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 7.3 kB IP 142.250.74.131:0
Hash 85921460925e62212b263fb508196c3f
9b24f2ba79b60ad75703c62c51bace7ab17e5787
1b7f727138331240586f729e8f7385353432158219c3d028646f40ba635b361c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Last-Modified: Sat, 28 Jan 2023 12:12:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 407 kB IP 93.184.220.29:0
Size 407 kB (406653 bytes)
Hash 2f616dd88e6f704f0ecc12ea0c4f0fbb
7a9cc9b4c58f25b994b34cc1a642b99f58dbacc9
6c8a13bb0cd182ce05456f29cfb60ace209c2e1c4209dca264162d86933e3139
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Last-Modified: Sat, 28 Jan 2023 12:12:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
104.16.152.45200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Wed, 04 Jan 2023 20:53:05 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 2241649
accept-ranges: bytes
server: cloudflare
cf-ray: 7909e8bd496bfab4-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
104.16.152.45200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 2407645
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7909e8bd496ffab4-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Last-Modified: Sat, 28 Jan 2023 12:12:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
104.16.152.45200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Thu, 05 Jan 2023 04:41:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 2153560
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7909e8bd5977fab4-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ecbec772cbaf4200998f1d842963b912
d4023ce395a0aec031d371f9d29c81ffdc017925
33e98b9d40a96f78f672161635be6d9bbe1c0d91445533f491340435f4481e34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:06 GMT
Last-Modified: Sat, 28 Jan 2023 12:12:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
104.16.152.45200 OK 21 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP 104.16.152.45:0
Hash 3e33eb42a813a5cb14392f4057bb4a74
304e055fd3ccb66905f138eb9756c63be5335f6f
752c9abc8b82768f763085a2ace36f382f266b8170cf73647e6502447f607000
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Tue, 10 Jan 2023 05:14:35 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2241649
accept-ranges: bytes
server: cloudflare
cf-ray: 7909e8bd697efab4-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
104.16.152.45200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 26 Jan 2023 03:26:04 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 1008377
accept-ranges: bytes
server: cloudflare
cf-ray: 7909e8bd8991fab4-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
104.16.152.45200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:06 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Wed, 04 Jan 2023 20:18:27 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2241649
accept-ranges: bytes
server: cloudflare
cf-ray: 7909e8bd899bfab4-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
216.58.207.227200 OK 25 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
IP 216.58.207.227:0
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:12:49 GMT
expires: Tue, 23 Jan 2024 17:12:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/css
age: 416837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.207.227200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 417032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b78fc36c1be0594353f6c424b056e8d1
34c991081b54ee1ccaee9ca584516d45d7414a20
9f97cee35eb611f8c08dbf51dd02de6c1043d55740433fe560fd6ba7452049e6
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:28:20 GMT
Expires: Sat, 28 Jan 2023 21:28:20 GMT
ETag: "34c991081b54ee1ccaee9ca584516d45d7414a20"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.gstatic.com/recaptcha/api2/logo_48.png
216.58.207.227200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 216.58.207.227:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:48:55 GMT
expires: Tue, 31 Jan 2023 18:48:55 GMT
cache-control: public, max-age=604800
age: 324672
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 141124
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 159564
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
54.175.252.46200 OK 6.6 kB URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP 54.175.252.46:0
Hash b3e0c7471026b37998e502832cb1dfdf
79f950c47a5da59384032f232e669ef6dab7eaa6
71573b3d149598fa63c87a2dcc5dba89a94a0eab7514e1669f99df3c650afe11
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 13:00:07 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
c6767d78-d229-4bf7-aade-bbb51df52b9c.seondnsresolve.com/
54.230.111.44200 OK 633 B URL HTTP/2 c6767d78-d229-4bf7-aade-bbb51df52b9c.seondnsresolve.com/
IP 54.230.111.44:0
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash cdc459fed2aab1dd5a8ac56006e8c423
1588726c2caac8227424d85c3f78c3885f02d9ae
5afcf1a48c31b40210c1f271800f41afe3c2a81634dc51630aa3e241ee1fb803
POST / HTTP/1.1
Host: c6767d78-d229-4bf7-aade-bbb51df52b9c.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Sat, 28 Jan 2023 13:00:07 GMT
x-amzn-requestid: f7b8f148-965a-4f72-a60b-abbe1d401c58
access-control-allow-origin: *
x-amz-apigw-id: fdFdpGDIjoEFdYg=
x-amzn-trace-id: Root=1-63d51c57-188c35996e95071d5f8aac7a;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PVIvDfI60bD1OuA0tGKyn6YPf9Elvd-IYcBrF3T2Air8AXnIlU8waw==
X-Firefox-Spdy: h2
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Sat, 28 Jan 2023 13:00:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 13:00:07 GMT
content-length: 20
set-cookie: CxtId=da0d04ff-cf94-43bf-9132-c324c958b38e; Domain=.connextra.com; Expires=Mon, 27-Jan-2025 13:00:07 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202301281300; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 13:00:07 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
23.38.200.207200 OK 1.4 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 23.38.200.207:0
Hash 034809e70bacfb4be8599717ebd8ff77
ee2b36fa99e02fd655923a6b375da0264a0e3af2
6e9564d60e2f203336914d7ba2fb1ba0b8127b39ec02d73cf1cde4f782b04dc4
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x10 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 13:00:06 GMT
Date: Sat, 28 Jan 2023 13:00:07 GMT
Connection: keep-alive
Set-Cookie: uuid=e54363d5-1c57-4a00-a9d5-ed8318920bd5; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 13:00:07 GMT; SameSite=None; Secure
secure.adnxs.com/seg?add=31078906&t=2
37.252.171.84307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 13:00:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: 862b8ed5-416c-4595-bf76-fc46461edb09
Set-Cookie: uuid2=1261861086637434080; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 28-Apr-2023 13:00:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
37.252.171.84200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 37.252.171.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 13:00:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 46d1fc4a-34ea-4fb7-81d3-b7baff6666a6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a781ceb35b8e3aea35ce9854296eb48
27ed35b1b329d2422967b62958d28d4a9f8afbf5
d0f1a72b57f1d65b34e9ad00d38118bd9835dd51b437fada8a571078b5cacf0f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4771
Cache-Control: max-age=122906
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:08 GMT
Etag: "63d446cf-1d7"
Expires: Sun, 29 Jan 2023 23:08:34 GMT
Last-Modified: Fri, 27 Jan 2023 21:49:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4b9daef1441313e8049ccc17fd3888a8
07b3144f3b0b2ac09da1fccb7361d39ca0c09237
b68a4ee8521686594cc7a4959813de51f39007f643cd236c8e5c62aeb262822b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 13:00:07 GMT
Last-Modified: Sat, 28 Jan 2023 12:08:06 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DQBeeOdAIEbxRmllC98MSjRH9uzj4d_ekDKn6QhffcjOk7gXvCgAGg==
Age: 3121
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 003afa10ac3daeb97616319aaf2d2da3
49730b7691ced8c0571f5d80d35b3a1840aa2ee4
cfc0b4b19bc55cc60f48fa34c611d90b37b49fc4787bd7bfa46a2965a2eff1fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 13:00:07 GMT
Last-Modified: Sat, 28 Jan 2023 12:01:25 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xyKsOh-8fwICHoknTn5pfECciKP3nKFKDOgH3btct2FOld93idc4mg==
Age: 3522
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.132.245302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.132.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 28 Jan 2023 13:00:08 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master zrh-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=a1bc63d5-1c58-4600-a90c-6090eba6872e; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 13:00:08 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/a1bc63d5-1c58-4600-a90c-6090eba6872e
Expires: Sat, 28 Jan 2023 13:00:07 GMT
match.prod.bidr.io/cookie-sync/geniussports
54.229.240.67303 See Other 185 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.229.240.67:0
Hash a22c3a60a5dc986798cde7e28e2956a8
f1bd19fba214f7566ad70325266984557b2aef46
096209a706506a4c892e3936f48bd68e84a95cf0962cb514dc5a6a6d50eb9f69
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 13:00:08 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 28 Jan 2023 13:10:08 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
54.228.37.152303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP 54.228.37.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 13:00:08 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 28 Jan 2023 13:10:08 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
54.230.111.94200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44ZEzHLh5n1AxRBYO3xEqeYt6iGcupYF0brZq3pT6LIMZLZQKywDGg==
age: 100562
X-Firefox-Spdy: h2
pixel.mathtag.com/sync/iframe?mt_uuid=e54363d5-1c57-4a00-a9d5-ed8318920bd5&no_iframe=1&mt_adid=256810&source=mathtag
23.38.200.207200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=e54363d5-1c57-4a00-a9d5-ed8318920bd5&no_iframe=1&mt_adid=256810&source=mathtag
IP 23.38.200.207:0
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=e54363d5-1c57-4a00-a9d5-ed8318920bd5&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x12 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 13:00:07 GMT
Date: Sat, 28 Jan 2023 13:00:08 GMT
Connection: keep-alive
sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
104.22.9.90200 OK 9.3 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1
IP 104.22.9.90:0
Hash 4dda4850c52084022b2f0f5eed317092
94872da249d3044fe3f165cbccc00dfed94084f4
84548d9bc0851ac1acb014ee418bcdc1bc52572b6f5d20f769ffb274ec05e1d6
GET /api/widget/StaticTranslations?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e8ca7de8b506-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
37.252.171.84200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP 37.252.171.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5c1e1099-7972-446f-9f58-1cf11604e9d9
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVPo/4R7!]tbP6j2F-XstGt!@Dd#$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 28-Apr-2023 13:00:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
54.228.37.152200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP 54.228.37.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 28 Jan 2023 13:00:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 218 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
File type JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Hash b9f13b0b161deb1436025f62d18ccc23
08c1a9299de5c5aba587edb528f8d0498adb448d
fe871cf4692edd6f82be8f750f1cbc1ccc13c045b8e634fd93a51ff3a6a6406c
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:09 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"5995a6fcb40e0960b2ec15a1eabdf4d1"
x-request-id: 78fd28b988940afa-ARN, 78fd28b988940afa-ARN
x-runtime: 0.002486
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: HIT
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdFmtyWWrItwGIgnSER8AkORPXafqsdePQSyBcT7Vt%2FxEvMnlObXVc5NjSO%2BZQ6BkT88483xXV0swzo5uLq%2Fpdl3ITGO6hez%2F2QByvJ2M9cg5ZRR0rDadVl7Fe78BKnUd%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8cc4bb2b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
zz.connextra.com/sync/data/uid/6c883bd680/a1bc63d5-1c58-4600-a90c-6090eba6872e
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/a1bc63d5-1c58-4600-a90c-6090eba6872e
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/a1bc63d5-1c58-4600-a90c-6090eba6872e HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sat, 28 Jan 2023 13:00:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 13:00:09 GMT
content-length: 64
set-cookie: CxtId=1d5690d8-aabb-4ed2-98fa-82d5d7aa5efd; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 13:00:09 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Ca1bc63d5-1c58-4600-a90c-6090eba6872e; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 13:00:09 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sat, 28 Jan 2023 13:00:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 13:00:09 GMT
content-length: 64
set-cookie: CxtId=eb5a072f-5e46-492e-aeed-69a54705a35d; Domain=.connextra.com; Expires=Sun, 28-Jan-2024 13:00:09 GMT; Path=/; Secure
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112204 No Content 0 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112204 No Content 0 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 14400
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
34.110.191.112200 OK 168 B URL HTTP/2 sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4bb0d8e93664d62c57f559f97ceae40a
590fbdb8542ffc1771c62e09c8b8aaf4b2fc03ff
52b5a77257d63de4bf03810962dda90f839a54b0bc4ce03103e35bd1a60fc151
POST /api/WidgetBonus/GetMultipleBonuses HTTP/1.1
Host: sb2bonus-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
content-type: application/json; charset=utf-8
content-length: 168
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
34.110.191.112200 OK 343 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParameters
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with very long lines (343), with no line terminators
Hash ed6466415bd9c228749ca2f1d0536401
351a7721a22223d56eb393aa3c42f3931bd9f988
589c127437987a330578f8cd7135ede1fb7402cbfea8ae45434dc3e29adb57cb
POST /api/WidgetAuth/GetSystemParameters HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 77
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
content-type: application/json; charset=utf-8
content-length: 343
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
34.110.191.112200 OK 72 B URL HTTP/2 sb2auth-altenar2.biahosted.com/api/WidgetAuth/SignIn
IP 34.110.191.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 390406eff768f9cbbffd928bb5cafdb7
618a24b27a6620e8499ac5942ac55e6cfd7fb593
56e2df3addeca698a846301e56be8dda12116c795db1f03ef6242b849be12f43
POST /api/WidgetAuth/SignIn HTTP/1.1
Host: sb2auth-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://wazamba.com
Content-Length: 99
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.0
date: Sat, 28 Jan 2023 13:00:09 GMT
content-type: application/json; charset=utf-8
content-length: 72
access-control-allow-origin: *
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 2.7 kB IP 192.124.249.36:0
File type gzip compressed data, max compression\012- data
Hash 8d1890ae020afee42a721f8fde8d3e26
5aab8eabc676f9501c76e4181bbc603a999f354c
1da10f66c0a9eaa7fdd7c86aac0cac588107d09582b22c4a29286fdad3a4fa76
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 551a68c87a81f446d7dce97f5c66b6fc
bb142c037772c97a59e1eefaffa32091dd5baff6
37d1b483b50f868ece9d832d2cfc56622705424938f32ca2ec2144d28fcaee3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 13:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 22:52:31 GMT
Expires: Sat, 28 Jan 2023 22:52:31 GMT
ETag: "bb142c037772c97a59e1eefaffa32091dd5baff6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
23.38.200.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 28 Jan 2023 13:00:08 GMT
Date: Sat, 28 Jan 2023 13:00:09 GMT
Connection: keep-alive
Set-Cookie: uuid=e90063d5-1c59-4500-b094-0827fc861383; domain=.mathtag.com; path=/; expires=Sun, 25-Feb-2024 13:00:09 GMT; SameSite=None; Secure
sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
104.22.9.90200 OK 6.3 kB URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 104.22.9.90:0
File type JSON data\012- , ASCII text, with very long lines (34257), with no line terminators
Hash b5e48d64190665655981df0465d2495a
621888774b2941c9b854e4f93fd5b2338ff355ac
f99bfe9697a0aa5e4e4f3b236cdb9855d1d01379037849cf5626ec6395f8ee8e
GET /api/widget/GetLivenow?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e8d2487cb506-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 345064
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js
104.18.70.113200 OK 62 kB URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js
IP 104.18.70.113:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 8d4b01516ae3e43813f872292520f1b1
990410c05404a51c46652b710697c4f71a60743f
66f3e1bc839ebc0efe884218140881de3c58a4d54d63064e5d913c4dfaeda5ed
GET /web_widget/latest/web-widget-framework-59b8a859ce8a473d961c.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:10 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: eqi5IJQsZltOEPYX18LZfa9yHAtGFvEXQO7zmTiGIn0VvD4F0CwBVgdFmBuHSbbKdhbjAWDPQGE=
x-amz-request-id: JT3WC3ZCPKE9H3EG
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:03:21 GMT
etag: W/"6337d08bfec6eec8c5e9f218e1ca6471"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:03:19 GMT
x-amz-version-id: .eV5Z5rLMQLzZziY1JqjOEi.7xRQkb6M
cf-cache-status: HIT
age: 134837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVLDUcZKxu7gJjvBVmc75aOMq72Yg%2B996pWvxv8EY5hguTiFZj4%2FQKGDS%2BmSfPqvypdBQIdlUbUyZsb1BSNtiFSqOztqa8OSJey59JCqq4g6B0%2FJPiHnW9LikVXSUGXgzafr4Zo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8d6dfc8b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c39db59defe170057f667f5940ba49d
81988d2bed3df9d94757e54b204b3de6bc83b79d
bd9997aa8c570a42cd73ed2d38b2733049db1dcbfe98344f07a88c0dd7848df9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5158
Cache-Control: max-age=151335
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:00:11 GMT
Etag: "63d4b45c-117"
Expires: Mon, 30 Jan 2023 07:02:26 GMT
Last-Modified: Sat, 28 Jan 2023 05:36:28 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/7fdff64c2c6d00f0959b1c09537c7e7f-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
54.230.111.96200 OK 46 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/7fdff64c2c6d00f0959b1c09537c7e7f-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.96:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/7fdff64c2c6d00f0959b1c09537c7e7f-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Sat, 28 Jan 2023 12:58:11 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e5f029138ff2-FRA
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GCWtpNSF0a_yIio_SoZPtHmLE4WsPWyBvzpmWbIcLCstK0gpjwxMEw==
age: 120
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
54.230.111.96200 OK 68 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 54.230.111.96:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Mon, 02 Jan 2023 16:43:26 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _4nQbR50mWiC_uzVaFWAnbksUvXVb0FFnSsM7uJkZGQMaMxVomPehg==
age: 2233006
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
54.230.111.96200 OK 1.6 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP 54.230.111.96:0
Hash a9c257bcc0e48de99c72a224725c3a4f
931e6afbe3b1dce35a195f9e121bf4d1015dcb6e
d87f82dc139e4701fb2352b0bb91e4d9ccdb0d33b728319b8e0f8f2478b7a1b2
GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sat, 28 Jan 2023 12:58:11 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"bbd-sHso4wK3YD8QLjtZjd/7IA/AO6M"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e5ef4bfa9bb0-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dD_jc0hd2hAEWAW-Q3n6X_Ga1ghW317e1GKrLhsL0vGn-O2G-UpwAQ==
age: 120
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-3789e01.js
104.18.70.113200 OK 4.0 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-3789e01.js
IP 104.18.70.113:0
File type ASCII text, with very long lines (13518), with no line terminators
Hash 1ada71a04e4b5f821817fa2de4490728
5baabe801294ed53bb86ca2f7a16a91626a86be6
659a89a3ed91640822fcd00157cdf70412bbb1005b7f466ce092396ab04048ca
GET /web_widget/latest/classic/web-widget-classic-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:11 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: eLswCNR3+snNcmV5ZA7Ixw7RaFFn72sxVkOTwb5i9yiZY1h6sRTeKvt92DowGYacQvMhKNBkx/g=
x-amz-request-id: JT3Y1BVRACV79AY6
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"d1e5f0b356064ff6680a59d127c5d617"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: m2N7HE7DqdZwJoIBBUB1awf6lJoYOXK8
cf-cache-status: HIT
age: 134837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bur5WTpVt7eb0ejwujukj8u6Kt0HUR08DhFl0BprFQ1pbpz5P0U0LnqRZ3qoS0oi2K4cTcs%2FbRXB%2Fzj0fJEze%2BGoqwSdQPJ1%2BPPt5G9uNu1lH7zK32eus%2BMyTtQ4KrDnMoKMku0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8dd0fb2b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
104.22.9.90200 OK 0 B URL HTTP/2 sb2frontend-altenar2.biahosted.com/api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7
IP 104.22.9.90:0
GET /api/widget/GetHighlights?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&sportId=0&eventCount=7 HTTP/1.1
Host: sb2frontend-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e8d25885b506-OSL
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
54.230.111.8200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP 54.230.111.8:0
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 28 Jan 2023 12:59:29 GMT
cache-control: max-age=60
etag: W/9be91618d26d2976eb0b3661eae766cf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: loYP-X6TzViLYxSh2qwFkqljfFrtF8A5d1T0MucTKF4ttfM3mxPxXA==
age: 57
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP 142.250.74.106:0
GET /css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:00:04 GMT
date: Sat, 28 Jan 2023 13:00:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
188.114.97.1200 OK 0 B URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP 188.114.97.1:0
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r3vBq8zJ-CY-NYQu_l7H4C5pSplwPeCF8zFIyJyqVW6saqZZag2g2w==
cf-cache-status: HIT
age: 919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3po1tboWFDyD%2B14pGJXmsQFzffczagdAgktXFG5k8QE7k9Lau%2FrK%2Bagq8l6ql2hMNCfp9kyotxA8DbLM0PGwatPW4jK0%2FfDCIDJKR%2F3K%2FZVrYBUpRtVkH73udWqfDeCow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7909e8af6f31fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1674816726507
104.22.9.90200 OK 0 B URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1674816726507
IP 104.22.9.90:0
GET /api/Integration/wazamba?build=1674816726507 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:04 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e8b2286cb512-OSL
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
104.22.9.90200 OK 0 B URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light
IP 104.22.9.90:0
GET /api/Widget/GetWidgetsConfiguration?culture=no-NO&timezoneOffset=0&integration=wazamba&deviceType=1&theme=light HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7909e8ca1f770b45-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-3789e01.js
104.18.70.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-3789e01.js
IP 104.18.70.113:0
GET /web_widget/latest/classic/web-widget-8165-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:11 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 3l2QEFjOGn7gb5wcEFZ79CHuLKV6LBOJqsvqW7I3b1li7jGSnO5id5UI8PWsvDT0+Je8O5wuQp0=
x-amz-request-id: NQRJJAQT92KAX1GC
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: XkgxmNKTmDVQU4edOT7cokqmxhL.gbuw
cf-cache-status: HIT
age: 134837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fepycB1zi5%2BZT8LltzFmglJ8%2BmtAHSWbkGf7yc%2Bl6L9VcWy1eRs4VUFG8F0tas12NoKqL26rCtJEgEkCiY%2FtVrswoZa%2Bcdy0b9fsDhUPtc%2BC3tje9DFIVjFJVzBXRqps0qIcuTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8dd8855b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-3789e01.js
104.18.70.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-3789e01.js
IP 104.18.70.113:0
GET /web_widget/latest/classic/web-widget-5324-3789e01.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:11 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 5iEbvRNjpo2HmT4W8W8hFe7XYYzerZGVBZIzH0czqdD7jh+Yk56/4A4Nv4FXTOQ5ijvn38d10mg=
x-amz-request-id: NQRPZ93Y070WT5KM
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Jan 2023 07:06:01 GMT
etag: W/"a0d9b904197466a0a807d792b0b139b6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 07:06:00 GMT
x-amz-version-id: wdUhzTP_PBU4zLulSlUyuH.2qRiLFsd2
cf-cache-status: HIT
age: 134837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mBTAl0QfDLX4OUsaHH3ke3k52KDtnXLKn1TskoqVF402rTWVI9JenyS%2B5bzgKJ61NydVz8qiOG6D%2FYcp26ok%2BNinG5yTX9%2BSGX19qiizVd4spSABAe1zoy8NyNFsdUtC8iHwNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7909e8dd885ab523-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.124.175:0
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 13:00:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 20357529
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7909e8af0d38b521-OSL
content-encoding: br
X-Firefox-Spdy: h2