media2.site/id/bx/indosat
194.135.87.146301 Moved Permanently 241 B URL HTTP/1.1 media2.site/id/bx/indosat
IP 194.135.87.146:0
ASN #212531 UAB Interneto vizija
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a6c5be3facd0eb0758d7bc262537f632
01f0b9569e35c927420ca99c53f3ef796c1decc4
9aa0c96ad6b66cb552bb19972e673e3d53a3bfff297531a3f1473b0813b23fea
Analyzer Verdict Alert fortinet Phishing
GET /id/bx/indosat HTTP/1.1
Host: media2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 06:28:22 GMT
Server: Apache
Location: http://media2.site/id/bx/indosat/
Content-Length: 241
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17805
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 06:28:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15399
Expires: Fri, 09 Dec 2022 10:45:01 GMT
Date: Fri, 09 Dec 2022 06:28:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 06:08:18 GMT
content-type: application/json
age: 1204
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15082
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 06:28:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aPvCeeXs9NyP8XH6SjfycA/owOikvyrTUMIFiV5pdUi0veaK+r9VnRNYF3eyIkwyqhbe3+41uns=
x-amz-request-id: M7Q95QVP0DK9G2ZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 05:50:08 GMT
age: 2294
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
media2.site/id/bx/indosat/
194.135.87.146302 Found 0 B URL HTTP/1.1 media2.site/id/bx/indosat/
IP 194.135.87.146:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /id/bx/indosat/ HTTP/1.1
Host: media2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 06:28:22 GMT
Server: Apache
Location: //ak.lanopoon.net/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 06:28:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.lanopoon.net/4/5087048?var=ed_error
95.101.10.59200 OK 925 B URL HTTP/1.1 ak.lanopoon.net/4/5087048?var=ed_error
IP 95.101.10.59:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481)
Hash 75c477355dc525e06d1c119896b63da0
5441e570eac200e21b916c40fbe2937c68f9740e
a3bf068f3a2cfce99d6bb48811aa23069dcac272795ed84720ee5ff8c428be1e
GET /4/5087048?var=ed_error HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
X-Trace-Id: 8ade96d00e91acb4963af5269149a776
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
Expires: Fri, 09 Dec 2022 06:28:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Dec 2022 06:28:22 GMT
Content-Length: 925
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: OAID=c540929b01ee4171a70ba03b0553e261; expires=Sat, 09 Dec 2023 06:28:22 GMT; path=/
oaidts=1670567302; expires=Sat, 09 Dec 2023 06:28:22 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.010000&visitor_id=624967163266216302&rdk=rk1
18.193.209.105302 Found 0 B URL HTTP/2 voices-kerence.com/e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.010000&visitor_id=624967163266216302&rdk=rk1
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e156c3f3-11b0-4914-affc-c6259ac63ded?zoneid=5087048&bannerid=16028613&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6402535&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.010000&visitor_id=624967163266216302&rdk=rk1 HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 06:28:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=we17mnai94dafu1l26pfrabe
pragma: no-cache
set-cookie: e156c3f3-11b0-4914-affc-c6259ac63ded-v4=M0nOa7rfm_FIZjRrM1N3vZ4cvHEprfdA0QBAhYG1fGo; Max-Age=86400; Expires=Sat, 10-Dec-2022 06:28:22 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=dDAUXCLoSNRAa%2FrE5XheghD0VRQw9KgadGuKBa4yTkHkX5JX5Cy1k59Q%2FzDCuMqdzT1K17WGolxaZ4azfdKggFNYcX%2B3IvTcgkaYFwoRabpe5672AVNpBU0w%2B9PY8gg%2Fwnz1pzN9MFLWCZY9W25eGA%3D%3D; Max-Age=31536000; Expires=Sat, 09-Dec-2023 06:28:22 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2508
Expires: Fri, 09 Dec 2022 07:10:10 GMT
Date: Fri, 09 Dec 2022 06:28:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 06:07:59 GMT
age: 1223
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=c540929b01ee4171a70ba03b0553e261
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=c540929b01ee4171a70ba03b0553e261
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=c540929b01ee4171a70ba03b0553e261 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 06:28:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c540929b01ee4171a70ba03b0553e261; expires=Sat, 09 Dec 2023 06:28:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ak.lanopoon.net/favicon.ico
95.101.10.59204 No Content 0 B URL HTTP/1.1 ak.lanopoon.net/favicon.ico
IP 95.101.10.59:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ak.lanopoon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=c540929b01ee4171a70ba03b0553e261; oaidts=1670567302
HTTP/1.1 204 No Content
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=2591992
Date: Fri, 09 Dec 2022 06:28:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6363
Cache-Control: max-age=102272
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:52:55 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=we17mnai94dafu1l26pfrabe
23.36.79.24307 Temporary Redirect 0 B URL HTTP/2 wzb-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=we17mnai94dafu1l26pfrabe
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=1360468&lpid=16889&bid=9131&clickid=we17mnai94dafu1l26pfrabe HTTP/1.1
Host: wzb-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://wazamba100.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 09 Dec 2022 06:28:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 06:28:23 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1360468%2c%22BID%22%3a9131%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670567303239)%5c%2f%22%2c%22CookieTag%22%3a%2291311360468451240919C2022129628%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22556071736%7c1%22%7d%5d; domain=.lptrak.com; expires=Sun, 09-Dec-3021 06:28:23 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=55
X-Firefox-Spdy: h2
wazamba100.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
45.8.106.138301 Moved Permanently 0 B URL HTTP/2 wazamba100.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
IP 45.8.106.138:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 06:28:23 GMT
content-length: 0
location: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
vary: Accept-Encoding
server: cloudflare
cf-ray: 776bae2dddef0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NfcT+QfVNXDrqlLHGf17EQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBYwtlbRsQ0IWPl/GzIXBoIPO1g=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 44d429d240e66f636b3a234e1e1102c0
1e63d6ed1ccc5ba699a6a9fa0f70cd162122c00c
854b8f3b3f8f4831e917aad88aed13241a737bd5119ab1d31bd88ea412723633
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102381
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Etag: "6391c274-118"
Expires: Sat, 10 Dec 2022 10:54:44 GMT
Last-Modified: Thu, 08 Dec 2022 10:54:44 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 44d429d240e66f636b3a234e1e1102c0
1e63d6ed1ccc5ba699a6a9fa0f70cd162122c00c
854b8f3b3f8f4831e917aad88aed13241a737bd5119ab1d31bd88ea412723633
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=102381
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Etag: "6391c274-118"
Expires: Sat, 10 Dec 2022 10:54:44 GMT
Last-Modified: Thu, 08 Dec 2022 10:54:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
wazamba.com/preloader.css?t=1670251586870
45.8.107.169200 OK 995 B URL HTTP/2 wazamba.com/preloader.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (1530), with no line terminators
Hash b8071e09e78c5be2bc10765fee0bae4a
19e9ac5d29b3137bf356bc8ab4e967902e27b91e
96981b84d0de3c54fdf83c012c463b7e53f9412cde526691b6a2fe1386d2d52a
GET /preloader.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/css
cf-ray: 776bae2fda8f1c16-OSL
access-control-allow-origin: *
age: 172
etag: W/"638efcab-604"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1540
cf-revalidated: Fri Dec 09 2022 06:25:31 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567191077
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
142.250.74.174200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P6V4PQ2
IP 142.250.74.174:0
File type ASCII text, with very long lines (1921)
Hash 7579d17b46e16832f63dbd6153f4a1b4
33739b8cfff3734103b4db5a9c0770da9fdb2f92
374e40fce6f02bd65bf7b928c04250fc7ae65425cf00971e16ed3759f8ea15c3
GET /optimize.js?id=OPT-P6V4PQ2 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 06:28:23 GMT
expires: Fri, 09 Dec 2022 06:28:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 3.2 kB IP 216.58.211.3:0
Hash b024caa102e5dda4c8f37a123596a444
2a2a9fabcf87fd73701e8c68906435ccaf010059
4637befa4201f285c9ef52a58e129135a7bfa589dff4ef893c49c6a3bf9345aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.seondf.com/js/v4/agent.js
172.67.148.159200 OK 101 kB URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP 172.67.148.159:0
File type C source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 101 kB (101005 bytes)
Hash c603a286b4edc8a66f910c0a611629db
92f882d4fdf09a4d8e3671a2f3b431777bde90f6
d81bc380360bfe84ff8c8879214fbf231f57693faf92e339938edb2912367a84
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Sep 2022 15:20:31 GMT
etag: W/"7e416f9feeb805e04c423899736c48e2"
cache-control: max-age=14400
x-amz-version-id: mfjcVMYC8eQg.3.C.jDktKY9HpyiJtFK
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eee6hgQ3xctrF4dTa6r4eh2gurLFeOJYCYPvF_Q4eFwSj9xFdflfXg==
cf-cache-status: HIT
age: 1865
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJ3QMLMd4dRJ1CrsKHXwcux8TiH%2FkoGVHktC62yjbjgKle7L4Um5n0Lw1xQE7gt0K56re8XMOFXS7N8kDUDuM4kC6DkMNZBQ543UpveLohuey3l8oaC1U9X0vndwJ%2BjJKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bae30afdab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
216.58.211.3200 OK 68 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CHXiRz4wi-U
IP 216.58.211.3:0
Hash cfc64b2dfd4447f0f2161c10ed8f81df
b4949e87525414d8ec004775355f7c293ed39366
9d3b78fc8ba349a8ce634c8511e354a577a7650b5adcde6d47d131c5f3810601
POST /s/gts1p5/CHXiRz4wi-U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MCXZLND
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (21950), with no line terminators
Hash c47bbe67ef6f4886567077e13bb50376
451ab7e6c0726f1f18615ce840c159e5e6b2d615
350c3e72ac772531d7c460937e2a506b962e2a77834a0f260f0129151d91d367
GET /gtm.js?id=GTM-MCXZLND HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 06:28:24 GMT
expires: Fri, 09 Dec 2022 06:28:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 59 kB IP 216.58.211.3:0
Hash 5445355f93b3c90e1f5f8b540e8d4f85
8c2d2135150ac898ebdadfb65306e59089d2ac09
994c8074e10bf66eec69d4c3a38a0877e3457bc0cb5a546c3a58cd59fe74e337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 604693
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 53 kB IP 216.58.211.3:0
Hash 5a9aaeb6cf403c3aa34af314d8f21c16
be0cb4857b6f3ebe83210418ae34ec7bfe431caa
0c6f2b99ebb906509f990ea0100b3a7b060c495e1606573462038037c1cde4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/13T696CQ6pM
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/13T696CQ6pM
IP 216.58.211.3:0
Hash 8023797361f65c1a40eab11b1f424a86
ff54d34cc6a022f0d92dffbdc27786adfad8f5f7
7037e93910d0b8696af6c4c073a2a45be475f361440295d06f7abf909cbcdae8
POST /s/gts1d4/13T696CQ6pM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1670251586870
34.120.135.117200 OK 131 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1670251586870
IP 34.120.135.117:0
File type ASCII text, with very long lines (64976)
Size 131 kB (130826 bytes)
Hash 9a067f0d78a0245c0f113e54faac822e
bbde0f6a175bd4f2e10235d41d676c5abfb03cfb
43f2061b95d6cd9102d9fa5ee34d2f284887070a400b1479c43d0d29af81f013
GET /altenarWSDK.js?build=1670251586870 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvs2nVr5TrR-8UjqY_7oL84Yxu-C3bMG3TenOndPY6LWqwHuOfYjZZZVGtnr27n7vheyrcsELqfJgctVITvgH0IjQyRDasG
x-goog-generation: 1669705358216734
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 130826
x-goog-meta-goog-reserved-file-mtime: 1669705321
content-encoding: gzip
x-goog-hash: crc32c=ySUPxQ==, md5=mgZ/DXigJFwPET5U+qyCLg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 130826
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 09 Dec 2022 06:28:24 GMT
expires: Fri, 09 Dec 2022 06:28:24 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 29 Nov 2022 07:02:38 GMT
etag: "9a067f0d78a0245c0f113e54faac822e"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/13T696CQ6pM
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/13T696CQ6pM
IP 216.58.211.3:0
Hash 8023797361f65c1a40eab11b1f424a86
ff54d34cc6a022f0d92dffbdc27786adfad8f5f7
7037e93910d0b8696af6c4c073a2a45be475f361440295d06f7abf909cbcdae8
POST /s/gts1d4/13T696CQ6pM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 27fa3d12027fc228912d0c8d43e4b2e5
b5dc45d81c6c4129a58f91546047c05d71fdb4b9
c5fbdbf31692129d3a770ee1b8a397adc1042a172f7de5cd6cd890605be0dff3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 06:28:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 22:25:22 GMT
Expires: Fri, 09 Dec 2022 22:25:22 GMT
ETag: "b5dc45d81c6c4129a58f91546047c05d71fdb4b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 27fa3d12027fc228912d0c8d43e4b2e5
b5dc45d81c6c4129a58f91546047c05d71fdb4b9
c5fbdbf31692129d3a770ee1b8a397adc1042a172f7de5cd6cd890605be0dff3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 06:28:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 22:25:22 GMT
Expires: Fri, 09 Dec 2022 22:25:22 GMT
ETag: "b5dc45d81c6c4129a58f91546047c05d71fdb4b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
45.8.107.169200 OK 18 kB URL HTTP/2 wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1786)
Hash c2fd3fda804201e93e011c315ed29c9f
1c9ca1aeff3df180f3f14bcd26c033a026a36d82
cf92404739c39f2a4b3608db8966177b9058612018e304cf3b1b42dfa86be95f
GET /no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/html
cf-ray: 776bae2f1a481c16-OSL
age: 80
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-revalidated: Fri Dec 09 2022 06:27:03 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567283580
content-security-policy: frame-ancestors 'self' wazamba.com m.wazamba.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1670251586870
34.102.156.252200 OK 159 kB URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/wazamba?build=1670251586870
IP 34.102.156.252:0
Size 159 kB (158939 bytes)
Hash 261ef2c465bb71d2498d6856c45d411e
95f2ab5031118598ad204bd062bf3af5e5bc9ff9
c8ec0aaf4405d4fc23abac65f2e514dc6cf653b1334d866f85586fb3933b44a2
GET /api/Integration/wazamba?build=1670251586870 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
date: Fri, 09 Dec 2022 06:28:24 GMT
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/6db8c7e6cdeb/landingpage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2771)
Hash ee093d1706a726403e55b592bc2cdf2f
a0149f1735e321d3a7af1b27fa5023ba14f66953
b825a2b9c885382cbb9c98646ea7dea18d248332b8dd38c5691903c4dbf769b6
GET /dcs/tagController/tag/6db8c7e6cdeb/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16608
vary: Accept-Encoding
cache-control: must-revalidate, max-age=33
expires: Fri, 09 Dec 2022 06:28:57 GMT
date: Fri, 09 Dec 2022 06:28:24 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 835f17b15cc8623fe0c65ccbef72c084
e0b3f6daa2cbc515f461cd65c856f3c0e85f25da
950f2646856281db9391c79e9eb4d927e69af9ba999b9e96bcf61d42d45a52eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: max-age=140081
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Etag: "63923f8c-1d7"
Expires: Sat, 10 Dec 2022 21:23:05 GMT
Last-Modified: Thu, 08 Dec 2022 19:48:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
37.157.4.28200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP 37.157.4.28:0
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 06:28:24 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
142.250.74.132200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash f536a0a73a847f823b7165aeac7406bb
00681f24bf1e21b1cafb4fa3366496cdae5990ff
5b660ad648092f4b8f79c70ab1fb9ce4e396ae856750f31ed2768c464628cea9
GET /recaptcha/api.js?render=6LeaOBYgAAAAAAEHDb2GQJrmoONPgRxxXj_zCHmv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 06:28:24 GMT
date: Fri, 09 Dec 2022 06:28:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.4 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b61e61cf449e38d759af0de3afc423f
9cf10e26fd3466762f3797123714f976df2a70c2
9824e5efa916b47002532b3afe2eaa113ee8b87472a443d5d406ca5b17fa54ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19086
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:28:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 603 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b027a940e22c3bedc1f2f3a7ee49836
3d929cc3be94e82b9bd15146df3665fc8892ebc8
730a40b26fcd8025adf8a4168a8f34b9e9327aa87ec742d4df59c67a72ccf4aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19086
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:28:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19086
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:28:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:48:13 GMT
age: 81611
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 48440
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 64251
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34a9b9b25e57f612db5560cd05e44cce
433e295328d6c821a1df907c232bff4195e2860b
139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:00:01 GMT
age: 30503
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 64514
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1be0ae00ba0c6009ac14c8df38b8ad0
33edd1469c54a08e3c4cb0003b87b225eba55b3f
ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 14:51:55 GMT
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
content-type: image/jpeg
age: 56189
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 04:46:55 GMT
expires: Fri, 09 Dec 2022 06:46:55 GMT
cache-control: public, max-age=7200
age: 6089
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1&z=1328227312
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1&z=1328227312
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1&z=1328227312 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 06:28:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 146902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash f0ce34908aae2f54cabfcef71d0e6665
02ed7b537989141ac64b836bcab09a6e3eff313f
eff59096bd0af95b7cafd67753c11e264b576e1d92b97d054c478cb333d422b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160161
Date: Fri, 09 Dec 2022 06:28:25 GMT
Etag: "63929b0b-1d7"
Expires: Sun, 11 Dec 2022 02:57:46 GMT
Last-Modified: Fri, 09 Dec 2022 02:18:51 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TnWBhGyyuxjkIMdTxdFJtXSSYoid39YaePUvMGQkWvIwq9FGIFDzdA==
Age: 2335
script.hotjar.com/modules.bc0a4c72d88d266f15af.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc0a4c72d88d266f15af.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 2375e31c5dc0ca09d740bee5c1486c2b
d68ad5ffd79e99af40377945f2f41db8b6f00ad0
2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb
GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sfXP0micWcOifPuSn8Fyjc7QoHPF4PkRT_bBFFWfYpsFg685uRelRQ==
age: 143599
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2021928.js?sv=6
143.204.55.54200 OK 3.1 kB URL HTTP/2 static.hotjar.com/c/hotjar-2021928.js?sv=6
IP 143.204.55.54:0
File type ASCII text, with very long lines (6375)
Hash 28db89d1bb7166830867b91d939e53e3
4a2d8b8d98e6cc64b2b6e93218c9746ca43cf730
e223c70df10bc543997e995ae3a6ec1f2f32b3e1bfce5ab37192dea446f8dca8
GET /c/hotjar-2021928.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 06:28:24 GMT
cache-control: max-age=60
etag: W/8fc3232a6ecd8aa8407dcbbd7094707b
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hCNrezJfy9Pv5eItsi5VCZiB6hyY34pOzPbH00nsTmRkWE08m-Snwg==
age: 6
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
104.16.152.45200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Thu, 15 Dec 2022 18:34:53 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 576558
accept-ranges: bytes
server: cloudflare
cf-ray: 776bae3a3a9bb4f9-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
104.16.152.45200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Thu, 15 Dec 2022 17:30:43 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 576558
accept-ranges: bytes
server: cloudflare
cf-ray: 776bae3a3aa9b4f9-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4fed77d3b49f08b04115006374dc5214
b18de58d1c3a6795ab5a277cf9a5ab39783f182e
3840dcf10a13d169e253e87126d84e702cc74f1c7b03e074ab5e090dbae1db49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3794
Cache-Control: max-age=156937
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:25 GMT
Etag: "639288c0-118"
Expires: Sun, 11 Dec 2022 02:04:02 GMT
Last-Modified: Fri, 09 Dec 2022 01:00:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
104.16.152.45200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 488622
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776bae3a5abbb4f9-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
104.16.152.45200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP 104.16.152.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0048-24a85"
expires: Mon, 05 Dec 2022 04:41:07 GMT
last-modified: Wed, 23 Mar 2022 11:11:04 GMT
cf-cache-status: HIT
age: 742583
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776bae3a5abfb4f9-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
104.16.152.45200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1d9d-53f2"
expires: Thu, 15 Dec 2022 18:28:48 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 576558
accept-ranges: bytes
server: cloudflare
cf-ray: 776bae3a4ab2b4f9-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
104.16.152.45200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP 104.16.152.45:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 24 Nov 2022 20:52:48 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 2021736
accept-ranges: bytes
server: cloudflare
cf-ray: 776bae3a5ab8b4f9-OSL
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1072425668&_gaz=1&cid=1463743286.1670567304&ul=en-us&sr=1280x1024&_s=1&sid=1670567303&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_5373B1B8C1AD45A5BB4578F3EB064666%26clickid%3Dwe17mnai94dafu1l26pfrabe%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1072425668&_gaz=1&cid=1463743286.1670567304&ul=en-us&sr=1280x1024&_s=1&sid=1670567303&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_5373B1B8C1AD45A5BB4578F3EB064666%26clickid%3Dwe17mnai94dafu1l26pfrabe%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F5V35L3FQK>m=2oebu0&_p=1072425668&_gaz=1&cid=1463743286.1670567304&ul=en-us&sr=1280x1024&_s=1&sid=1670567303&sct=1&seg=0&dl=https%3A%2F%2Fwazamba.com%2Fno%2Fseasons%2Fchristmas%3Fbtag%3D658915_5373B1B8C1AD45A5BB4578F3EB064666%26clickid%3Dwe17mnai94dafu1l26pfrabe%26MSID%3D1360468%26BID%3D9131&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&up.Acc_Id=Not%20Login HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 09 Dec 2022 06:28:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1
64.233.165.157204 No Content 1.3 kB URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1
IP 64.233.165.157:0
Hash 7f96592f76cea2af364f32bea7609f17
905715c83445b89ed5da1da9293d7686798d011b
5a07ee4e5337a1be89d8797a9b193ae9f958792978cc9116e7ac734ed97f80ce
POST /g/collect?v=2&tid=G-F5V35L3FQK&cid=1463743286.1670567304>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wazamba.com
date: Fri, 09 Dec 2022 06:28:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
36d8fe54-9b79-4fc6-95c5-a04ce0dedff5.seondnsresolve.com/
143.204.55.12200 OK 633 B URL HTTP/2 36d8fe54-9b79-4fc6-95c5-a04ce0dedff5.seondnsresolve.com/
IP 143.204.55.12:0
File type JSON data\012- , ASCII text, with very long lines (633), with no line terminators
Hash 291395d42a45c87e3dc9a2f837732ada
86d46f8da72d772bf7c5f237e49ca96b842b1269
5a0677fb64379fcad00017458b352d3d8b48e0aa264ae75422228c90381e1753
POST / HTTP/1.1
Host: 36d8fe54-9b79-4fc6-95c5-a04ce0dedff5.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6181
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 633
date: Fri, 09 Dec 2022 06:28:25 GMT
x-amzn-requestid: 512125f0-69f6-423f-b93a-c8877c0223bf
access-control-allow-origin: *
x-amz-apigw-id: c3ZNfEsWDoEFyFg=
x-amzn-trace-id: Root=1-6392d589-703e9a1b0cb5b7ac1b28efb8;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1750cWOaI4HtX4OZGFA6_PG9BkMK8lkLDDJFDRdmGuVoIsIYtyK7ZA==
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.70.113200 OK 12 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.70.113:0
File type ASCII text, with very long lines (23416), with no line terminators
Hash 69ad50242168d27202fe8b43d179cd06
031c448184cf82a6be941c17d7bf45bff44d0023
aff362b61cccd2f09bb16f2f55efa0a8b3f63336afd664c342b6fdd816c4e0ef
GET /ekr/snippet.js?key=36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:25 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 54
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH4VHaKHW3NdvJUPhWzuxwP%2B9wnq3c%2F2Fq3kbHD0yTwQeprw38rC1dvbSDXvOLBN2F8qkqibyuo3socUojpck6gyFcWndQ1VOZmJInEtJAn9dXWFeZEaY7ubqRZja2bFILkLeyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776bae3a896cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash e165b321d6c11ba6e76587833b7ecb45
7f5f389371d0ad571eb4ff760975c4303a612308
7c0481251494a1b7af5b0680b7a723abf09d4606fcf4edd9497b561f7c199011
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 06:28:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 19:33:36 GMT
Expires: Fri, 09 Dec 2022 19:33:36 GMT
ETag: "7f5f389371d0ad571eb4ff760975c4303a612308"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
54.175.252.46200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP 54.175.252.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 329
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:28:25 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
104.85.191.64200 OK 20 B URL HTTP/2 zz.connextra.com/Wazamba/dcs/tagController/tagData/6db8c7e6cdeb
IP 104.85.191.64:0
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
POST /Wazamba/dcs/tagController/tagData/6db8c7e6cdeb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://wazamba.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Fri, 09 Dec 2022 06:28:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 06:28:26 GMT
content-length: 20
set-cookie: CxtId=47469960-874c-49e0-bbed-9b4f06337e6d; Domain=.connextra.com; Expires=Sun, 08-Dec-2024 06:28:25 GMT; Path=/; Secure
Wazamba=P%7Clandingpage%7C1%7C202212090628; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 06:28:25 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
2.18.172.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 2.18.172.207:0
Hash e0d1554ecb933e45817487aa15878145
0363fbba77ad155cc8d464f17f337bca2f243e7d
4544cf4ab473fb7d7c00e92f4427e30f1aef53b0e1ed853328c0f86cee6ad741
GET /event/js?mt_id=1606462&mt_adid=256810&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 06:28:25 GMT
Date: Fri, 09 Dec 2022 06:28:26 GMT
Connection: keep-alive
Set-Cookie: uuid=7bac6392-d58a-4300-98ed-1f73aee857bc; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 06:28:26 GMT; SameSite=None; Secure
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131568742-1&cid=1463743286.1670567304&jid=890299809&gjid=731878604&_gid=1860095840.1670567304&_u=YADAAEAAAAAAACAAI~&z=1192064381
64.233.165.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131568742-1&cid=1463743286.1670567304&jid=890299809&gjid=731878604&_gid=1860095840.1670567304&_u=YADAAEAAAAAAACAAI~&z=1192064381
IP 64.233.165.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131568742-1&cid=1463743286.1670567304&jid=890299809&gjid=731878604&_gid=1860095840.1670567304&_u=YADAAEAAAAAAACAAI~&z=1192064381 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://wazamba.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 06:28:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.mathtag.com/sync/iframe?mt_uuid=7bac6392-d58a-4300-98ed-1f73aee857bc&no_iframe=1&mt_adid=256810&source=mathtag
2.18.172.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=7bac6392-d58a-4300-98ed-1f73aee857bc&no_iframe=1&mt_adid=256810&source=mathtag
IP 2.18.172.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=7bac6392-d58a-4300-98ed-1f73aee857bc&no_iframe=1&mt_adid=256810&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master cdg-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 06:28:25 GMT
Date: Fri, 09 Dec 2022 06:28:26 GMT
Connection: keep-alive
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u0ey__3IG_GdHYeTVqiNyTD35Kg88MsfBWJ6GRNrs2Pvc0I3yqHrcQ==
age: 1358300
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 73a7602e4733c9bf6ab78aaf4d267c52
cc6498210fdeabe840a1d63d4fa954a8e0a055ec
5422df3bef8cc8cab0647d693ddcba122f73c7512d0924e9811c5c21ae3f36b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5380
Cache-Control: max-age=147017
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:26 GMT
Etag: "63925bcf-1d7"
Expires: Sat, 10 Dec 2022 23:18:43 GMT
Last-Modified: Thu, 08 Dec 2022 21:49:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/seg?add=31078906&t=2
37.252.171.84307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=31078906&t=2
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=31078906&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 06:28:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
AN-X-Request-Uuid: b8d316a3-adbf-4653-b739-4a537195af88
Set-Cookie: uuid2=347188099381759113; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 06:28:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
37.252.171.84200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 37.252.171.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 06:28:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 079ff6d6-50bb-44a6-9418-a7be0405eadd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
185.29.132.245302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP 185.29.132.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Dec 2022 06:28:26 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master zrh-pixel-x15 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=359c6392-d58a-4800-9ba2-198d8b6567eb; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 06:28:26 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/359c6392-d58a-4800-9ba2-198d8b6567eb
Expires: Fri, 09 Dec 2022 06:28:25 GMT
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 34c0531007fd77ed137e839b814ead19
2cfe90213fa589abdb90989d073c86abd4e47835
903f4471decf132d25a4399fcf1b3736e481f9d629c56cd88716f6da6d2b69a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110727
Date: Fri, 09 Dec 2022 06:28:26 GMT
Etag: "6391cae6-1d7"
Expires: Sat, 10 Dec 2022 13:13:53 GMT
Last-Modified: Thu, 08 Dec 2022 11:30:46 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bbh9yqyaBT0_VsAWAu2rtAclotlkzgUCfWtxku11mUIm4y-rEetdrQ==
Age: 6187
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6ae18c059329ef75278055b4ec017da1
9dc25d3dbb5beeb8a9341546b21189170e33e589
d2a0954ebfd0000c9b65cc84c14c173ddb79d73a363fe73ac354930bc40dbcdb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160219
Date: Fri, 09 Dec 2022 06:28:26 GMT
Etag: "63929f31-1d7"
Expires: Sun, 11 Dec 2022 02:58:45 GMT
Last-Modified: Fri, 09 Dec 2022 02:36:33 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: azZEaw5OnIHsCqZ6bNQr5gmp32EePVEB7lGBCkbAn5iEsA4qxE-rew==
Age: 1332
match.prod.bidr.io/cookie-sync/geniussports
54.195.231.201303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 54.195.231.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 06:28:26 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 09 Dec 2022 06:38:26 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 06:28:26 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 09 Dec 2022 06:38:26 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
37.252.171.84200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31078906%26t%3D2
IP 37.252.171.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31078906%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 06:28:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: ca190370-fc40-417f-98f2-83116ce771de
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C%wl=iH8!]tbP6j2F-XstGt!@DE3$[dvh; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 06:28:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1778&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 09 Dec 2022 06:28:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
54.195.231.201303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 54.195.231.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 06:28:26 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
zz.connextra.com/sync/data/uid/6c883bd680/359c6392-d58a-4800-9ba2-198d8b6567eb
104.85.191.64200 OK 973 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/359c6392-d58a-4800-9ba2-198d8b6567eb
IP 104.85.191.64:0
Hash 2ba0a390626d9c5e8e30ebc99f32f38e
2ef4692d3a05afcbddef315be4b51d00d106d7c6
6e12807e6bb56d1cacf7aded33e704708e6dcb415b162a9311744986bcd66326
GET /sync/data/uid/6c883bd680/359c6392-d58a-4800-9ba2-198d8b6567eb HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Fri, 09 Dec 2022 06:28:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 06:28:26 GMT
content-length: 64
set-cookie: CxtId=7c2705a2-da96-462e-8cbb-0715139531a4; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 06:28:26 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C359c6392-d58a-4800-9ba2-198d8b6567eb; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 06:28:26 GMT; Path=/; Secure
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
2.18.172.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 2.18.172.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 180 1fd3e2d master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 09 Dec 2022 06:28:25 GMT
Date: Fri, 09 Dec 2022 06:28:26 GMT
Connection: keep-alive
Set-Cookie: uuid=296d6392-d58a-4500-a48e-8fa2463500cc; domain=.mathtag.com; path=/; expires=Sat, 06-Jan-2024 06:28:26 GMT; SameSite=None; Secure
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Fri, 09 Dec 2022 06:28:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 06:28:26 GMT
content-length: 64
set-cookie: CxtId=23aca15e-7917-4a9e-be84-e449ccf18d99; Domain=.connextra.com; Expires=Sat, 09-Dec-2023 06:28:26 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 1f5e215f8a7a02c43465654c397e0bbd
167bfd0fe3b0bba7170f6d2b9e345ef6b3b6dfd7
ea8f444a8683640e753d493f1ffed8356ad3280f8e64f5e38e95b6551e84b383
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124814
Date: Fri, 09 Dec 2022 06:28:27 GMT
Etag: "639201e6-1d7"
Expires: Sat, 10 Dec 2022 17:08:41 GMT
Last-Modified: Thu, 08 Dec 2022 15:25:26 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9vfxbHBD7PsQuO53rQbeYCJlW9UuYuTppAh4SNIzCQqNPZbfJ6TI9A==
Age: 6195
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8890f5e036857bbaa9d91d6ad9ed9ae1
d98d2caf3a93903e4562c52d162d2679a2b1f5e1
2c13f2209d35c0049748e32cd8833ae51bd65cdbf5aea7c8e7488403fa95daa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169684
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:28:27 GMT
Etag: "6392c95f-117"
Expires: Sun, 11 Dec 2022 05:36:31 GMT
Last-Modified: Fri, 09 Dec 2022 05:36:31 GMT
Server: nginx
Content-Length: 279
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
54.230.111.96200 OK 68 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 54.230.111.96:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sat, 12 Nov 2022 13:28:27 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w1XYFgcv9Vk9_TXv5uh312JHw2UhFxuUMHp6P6es7usJfwW8iV5HEw==
age: 2307601
X-Firefox-Spdy: h2
wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=csL81-W9CdrLjSzbAEAq
45.8.107.169101 Switching Protocols 0 B URL HTTP/1.1 wazamba.com/socket/?lang=no&EIO=3&transport=websocket&sid=csL81-W9CdrLjSzbAEAq
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket/?lang=no&EIO=3&transport=websocket&sid=csL81-W9CdrLjSzbAEAq HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wazamba.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u2Z8ADv7an2EiDJXNIFO6A==
Connection: keep-alive, Upgrade
Cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv; data=9c689a33e3e1c5c2bb1f7a73521f843c; _ga_F5V35L3FQK=GS1.1.1670567303.1.0.1670567304.59.0.0; _ga=GA1.2.1463743286.1670567304; _gid=GA1.2.1860095840.1670567304; _gat_UA-131568742-1=1; _hjSessionUser_2021928=eyJpZCI6ImY4NjlkMDc2LTBiZWMtNTFlOC04NTI0LTJjM2I2MTUwZDAyZCIsImNyZWF0ZWQiOjE2NzA1NjczMDQzMjUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2021928=eyJpZCI6IjY4Yzk5NWY3LWQ5YzEtNGIwNS05ZWVjLWNhYjVkNzJiZWRiYiIsImNyZWF0ZWQiOjE2NzA1NjczMDYwNzgsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; io=csL81-W9CdrLjSzbAEAq
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 06:28:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tGzS5JvPX7sQK7orjUj7g/2XZqw=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776bae470bb8b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/740616bf1c24abf74149e03ad3526a58-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
54.230.111.96200 OK 46 kB URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/sealassets/740616bf1c24abf74149e03ad3526a58-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid
IP 54.230.111.96:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/740616bf1c24abf74149e03ad3526a58-wazamba.com-ef031ddc22c48d06a58bfc9228f945b0663c5fd11138a2a4ece87e9257ec474d184219615db2eaee571d1da7e02c353c-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Fri, 09 Dec 2022 06:28:27 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bae47bcb19012-FRA
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8-ingCd1mCOMC76bxo1o-iwP3dCZsPIGjYpQqewN3SumwGKsbzqQ8Q==
X-Firefox-Spdy: h2
wazamba.zendesk.com/embeddable/config
104.16.51.111200 OK 194 kB URL HTTP/2 wazamba.zendesk.com/embeddable/config
IP 104.16.51.111:0
File type JSON data\012- , ASCII text, with very long lines (716), with no line terminators
Size 194 kB (194359 bytes)
Hash ad55c9d3c2670a04104329642f9c09d7
25ca4ad074275b571e50b49463844a0f458d1ed6
551272b83947b6b84e62fdbdb8f619d0886d2c19b868e86d1d8fa9c9df98f4fd
GET /embeddable/config HTTP/1.1
Host: wazamba.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/
Origin: https://wazamba.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-67c876856-zt4nv
x-request-id: 776bae46ea54b4fd-DUB
x-runtime: 0.001546
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Fri, 09 Dec 2022 06:26:43 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34ReQyU3cwT5LoDZOZIqBtBB7s6e6XmxNXs%2B6VDrQOeWNf1B51JfpVjpssRfd9x%2BPy6BCaAJh0N%2BDGZ5pIXwh3Ta75kKutvP8uGjLvkK5rF6btrkLM2wqUjTgV885N8e8hY6ltk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=9ae3afe0ad343c776f1c4a3ea71c1118909e925c-1670567307; path=/; domain=.wazamba.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776bae46ea54b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 2546df261b46d996d71e860969493b6f
57c7354d1ea7471fc54c0cd38ac77bf1c6475fb2
097e564b6e8b501d8c2d0aea9aab630ccf93639f80b0fab939b9fa9043e89a04
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129708
Date: Fri, 09 Dec 2022 06:28:28 GMT
Etag: "63921c6d-1d7"
Expires: Sat, 10 Dec 2022 18:30:16 GMT
Last-Modified: Thu, 08 Dec 2022 17:18:37 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7To5swvkFlRIwqbyayeneo2dmRDkWYmv42gIsQ7zGa3jis24z_a4qA==
Age: 4299
static.zdassets.com/web_widget/latest/classic/web-widget-classic-4212808.js
104.18.70.113200 OK 172 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-4212808.js
IP 104.18.70.113:0
File type ASCII text, with very long lines (13518), with no line terminators
Size 172 kB (171821 bytes)
Hash e75125771183b29e830410d37b227911
162d6bc2a941b86496a88d4608339bb81169b6d5
75ae924feabdc3b66eb64750406f5899d36efacbdd375ecabc4c1d465d52ff4d
GET /web_widget/latest/classic/web-widget-classic-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:27 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 8fgeJmvzV9g3aEYPep2pW+u7LQtzvCeT43XJN95yzCbh3pkHrD6nfzmX4QFJNjQwZzobKuNdGHc=
x-amz-request-id: MJA1GD7PX5YDFTXQ
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:15 GMT
etag: W/"b7d94d855c96dca34cd270640fe85359"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:14 GMT
x-amz-version-id: 2mvSx0Vz1zz6nZ5il_Trrwv7JRXSTPvm
cf-cache-status: HIT
age: 177766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0o7K1568G7NTzSbCjp%2B64Hjs3QhSSAS2o3bdFCbToDiRiIMCTRzgk860ao2yO46ZHrPIcBEGkrQgt%2B4xNDhaJxO9f722Ga%2Fjmh5hA1Cgy0NQT2dBm5ksY0yqwabfSBkqL%2F6KJgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776bae48ae9db50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-4212808.js
104.18.70.113200 OK 20 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-4212808.js
IP 104.18.70.113:0
File type ASCII text, with no line terminators
Hash 7ecbeb9fbae3abfe6ebd258f7d0b9ad3
c51d653cfe5d82402b6d029ad66022cc42cbe190
5dc737f70ad8bc7f9aa0e601985b1c5fba3120f71f3bb29387c12b1df54b5059
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-4212808.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:29 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: PB4NA01Eofe+4sqF5b9xMuX3UYpAEQVYtSZ69Kkf+q9BBw63Q8tT9PgKt61CACXWrkJCfv07FfA=
x-amz-request-id: HVFAHJXK2C0ZEP6M
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:11:15 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:11:14 GMT
x-amz-version-id: bJhOGa.aj0PTDJutXBxga_SKtnqJ7JJ3
cf-cache-status: HIT
age: 177767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ebCzG5Y1kdWWTbD%2B6DTXgaXJ1RAFOSoPiFKHpN%2F7v3SqdVokfw1RbOTU%2FmZn8Zv6DpZO76UWBgvI2VBhDZUb2QIg2dSX49O1wn4oF%2FaDeVv43UcJb%2F1a0oM4rOPELQviFZYxz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776bae557995b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js
104.18.70.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js
IP 104.18.70.113:0
GET /web_widget/latest/web-widget-framework-1093f9028f4cca987b45.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:27 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: kQxEq3PPgdlY1izeEv6n0+5L58b/ITSlUdeAgxFrQDahT14Bhsm7+xNrXVPTPIUhwHGl5xrsJd0=
x-amz-request-id: RCXM3W9R7Q7QX0Y1
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:08:34 GMT
etag: W/"846098504af683a844d3f70b804bf01b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 02:08:32 GMT
x-amz-version-id: cgk7b96mG7gQJ0zeZheRUETOiRKsbvR5
cf-cache-status: HIT
age: 177766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F1HEU9weXRXSCcj0hI4xU%2F9G8pOQyPvXtw%2BQo6s%2Bvc2f%2Bhowisici0hR6Ng6rua2SrIeNx5NuWHvqGxoX1TaXVtDWlD7YXfIkdj2SIAxHt1wq9Bvb3xqNkMgrjl2rdC9GPp9pY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776bae452b8fb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
wazamba.com/funid-index.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/funid-index.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /funid-index.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/css
cf-ray: 776bae2fda971c16-OSL
access-control-allow-origin: *
age: 172
etag: W/"638efcab-24dd"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=9437
cf-revalidated: Fri Dec 09 2022 06:25:31 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567191082
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP 142.250.74.106:0
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 06:28:23 GMT
date: Fri, 09 Dec 2022 06:28:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
54.230.111.96200 OK 0 B URL HTTP/2 b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com/apg-seal.js
IP 54.230.111.96:0
GET /apg-seal.js HTTP/1.1
Host: b9acd1c1-b5a7-41d4-b9fd-784d8e2cba8b.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 09 Dec 2022 06:28:27 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c44-fbcoexp6amRR2shp6WUUlnbRgWU"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bae46ab726921-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ql_Vpq1phdHywdr0rAjmE3uZVnmqpy7h7TIpFcgxEO-zBcaDTiRRng==
X-Firefox-Spdy: h2
wazamba.com/index.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/index.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /index.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/css
cf-ray: 776bae2fda901c16-OSL
access-control-allow-origin: *
age: 172
etag: W/"638efcab-9ffdc"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Fri Dec 09 2022 06:25:31 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567191075
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext
IP 142.250.74.106:0
GET /css?family=Montserrat:400,500,600,700,800,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 06:28:23 GMT
date: Fri, 09 Dec 2022 06:28:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2021928/visit-data?sv=6
54.76.221.57200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2021928/visit-data?sv=6
IP 54.76.221.57:0
POST /api/v2/client/sites/2021928/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:27 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.126.175:0
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 16014028
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776bae3038770b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.2.133200 OK 0 B URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.2.133:0
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "E1AB323595515B7262B9C603D3FF5C6B36DD9C32"
Expires: Fri, 09 Dec 2022 17:00:00 UTC
Last-Modified: Fri, 09 Dec 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 06:28:23 GMT
Via: 1.1 varnish
Age: 1832
X-Served-By: cache-bma1655-BMA
X-Cache: HIT
X-Cache-Hits: 5
X-Timer: S1670567304.849511,VS0,VE0
wazamba.com/_sprite.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/_sprite.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /_sprite.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/css
cf-ray: 776bae2fda911c16-OSL
access-control-allow-origin: *
age: 172
etag: W/"638efcab-2a48d"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-revalidated: Fri Dec 09 2022 06:25:31 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567191087
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wazamba.com/christmas-promo/styles.css?t=1670251586870
45.8.107.169200 OK 0 B URL HTTP/2 wazamba.com/christmas-promo/styles.css?t=1670251586870
IP 45.8.107.169:0
ASN #209242 Cloudflare London, LLC
GET /christmas-promo/styles.css?t=1670251586870 HTTP/1.1
Host: wazamba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wazamba.com/no/seasons/christmas?btag=658915_5373B1B8C1AD45A5BB4578F3EB064666&clickid=we17mnai94dafu1l26pfrabe&MSID=1360468&BID=9131
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:23 GMT
content-type: text/css
cf-ray: 776bae2fda991c16-OSL
access-control-allow-origin: *
age: 172
etag: W/"638efcab-a384"
last-modified: Tue, 06 Dec 2022 08:26:19 GMT
set-cookie: _cf_reyid=2TicYOcLZiCJOWqUa7zBfnXW0eGoiSbymaCecZbYoT38zNgysYFv3cO1EPczjVRv
vary: null, Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=41860
cf-revalidated: Fri Dec 09 2022 06:25:31 GMT+0000 (Coordinated Universal Time)
cf-ttl: 1670567191085
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
104.18.72.113200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/36e871f2-12b4-4579-9bd9-c22c3e609e11
IP 104.18.72.113:0
GET /compose/36e871f2-12b4-4579-9bd9-c22c3e609e11 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wazamba.com
Connection: keep-alive
Referer: https://wazamba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:28:27 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"b34e45487cc8e0891a1072c5f63a0273"
x-request-id: 775affed3d990a24-YYZ, 775affed3d990a24-YYZ
x-runtime: 0.002071
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA1aa6%2FWcTh3oIdAKhCMO6aYIFqAUzvpilameSMWCuS5r%2FBCZhC%2FHzVKjizu0gpVHFtbbsFi8yI%2B3Z16PyPAf9k48C0CBGMAqZbDM9hMuWjoUruCoP4xmwjxokXz30i01DQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776bae42bbd3b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2