r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Sat, 28 Jan 2023 08:11:32 GMT
Date: Sat, 28 Jan 2023 06:39:51 GMT
Connection: keep-alive
c.srvpcn.com/click?id=cfac5vg56phkia61dor0&e=c672111b-e3af-4049-94b6-4e9f41f9eae9&px=134&c=AP3C1GObPAUA5VgCAFVTFgASAAngsuYA
18.213.204.110303 See Other 0 B URL HTTP/1.1 c.srvpcn.com/click?id=cfac5vg56phkia61dor0&e=c672111b-e3af-4049-94b6-4e9f41f9eae9&px=134&c=AP3C1GObPAUA5VgCAFVTFgASAAngsuYA
IP 18.213.204.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?id=cfac5vg56phkia61dor0&e=c672111b-e3af-4049-94b6-4e9f41f9eae9&px=134&c=AP3C1GObPAUA5VgCAFVTFgASAAngsuYA HTTP/1.1
Host: c.srvpcn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 06:39:51 GMT
Content-Length: 0
Connection: keep-alive
Location: http://p.rapolok.com/ad/ad?p=155861&w=538820&d=507b272f908168a0a570-1579017217538820
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Sat, 28 Jan 2023 07:50:28 GMT
Date: Sat, 28 Jan 2023 06:39:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 06:35:29 GMT
content-type: application/json
age: 262
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3474
Expires: Sat, 28 Jan 2023 07:37:45 GMT
Date: Sat, 28 Jan 2023 06:39:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: llYl2FdPHuKOBoCy/9UwCZiAqIn05y3z5eFjhsO7D1bdj7yM+N7EmBQJJ7Vh0MqfdxAVqTGKt70=
x-amz-request-id: 4MFQHP45M525Z0XG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 06:20:52 GMT
age: 1139
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:39:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
p.rapolok.com/ad/ad?p=155861&w=538820&d=507b272f908168a0a570-1579017217538820
52.20.154.189303 See Other 0 B URL HTTP/1.1 p.rapolok.com/ad/ad?p=155861&w=538820&d=507b272f908168a0a570-1579017217538820
IP 52.20.154.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=155861&w=538820&d=507b272f908168a0a570-1579017217538820 HTTP/1.1
Host: p.rapolok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 06:39:51 GMT
Location: https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
Referrer-Policy: no-referrer
Server: nginx
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9ea781c3617d9d0c759fa56be842957c
6f9e776cf9000e6184d14ff3637e9bfd456a1c95
a2ac746721766906b4677239c4ed707e92b3319bf4a13ad32191f789cb4ac9fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 02:30:51 GMT
Expires: Thu, 02 Feb 2023 02:30:50 GMT
Etag: "6f9e776cf9000e6184d14ff3637e9bfd456a1c95"
Cache-Control: max-age=416458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbbc4cb30b49-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 05:49:03 GMT
age: 3048
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18174
Expires: Sat, 28 Jan 2023 11:42:46 GMT
Date: Sat, 28 Jan 2023 06:39:52 GMT
Connection: keep-alive
adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
157.90.90.238302 Found 461 B URL HTTP/2 adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
IP 157.90.90.238:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (459)
Hash e714622089dec997725339010702bcb3
f1e7e37d7f4b67ad548201f26c77b60273f329fd
81b0c0b7fc20f00481e117791b633d5c434bc25e09e9307aae0d08348cbbcfa0
GET /smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:52 GMT
content-type: text/html; charset=utf-8
content-length: 461
location: https://curvyalpaca.cc/click?a=Csxn&e=gAAAAABj1MM4RRwX51aX7ZwudTLlTwpXSqHdKMRrMfLfvORSjTanHJndQp55YxJ2ImHxluyNcK6WpqJSiNT5ZzOkZUlIig7cNO2-zDHG8tShOBY5bewiCBvoTKmHMALrRkzJ-nb3Ya4WTZ1WX78mcRyGcjBAPr4bfc2_sXFOG5y_90_H-Jc9H5POnnprLQGonOw39nCGruuNDkRhIGLkJl_b2gbYCoUTdidwQ8KszF_DZP0ax5ReNG-p1v-Tfvs2jcsCN3lu7fMa_PWVvs4h-JSVGigkcE2QBzXn5ZFFxECo9kUGC_WpFtkokbef9zgXYNn_DGS0v-5bxD6B_UVU0dmmkLq_9vLZ0bq-jRUbPnWozAxPD1IW5lBJqyL8mdBW3TGkrfWo6xqb
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.210.191.84101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.191.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rlyi1HmnBqRBZdDy7Me6pA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tWq85GoSbXhXrY8Vxtu1FkVvHUE=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9b1353b5e85418f342a4f9914869fc90
b07640f8764a272f42b12e7d686384857399406f
7c64d52a02f93b2cf068f09d7c41afc028ccf704bed363776341966bb6510115
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:40:40 GMT
Expires: Sat, 04 Feb 2023 02:40:39 GMT
Etag: "b07640f8764a272f42b12e7d686384857399406f"
Cache-Control: max-age=589846,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbbf3df90b49-OSL
curvyalpaca.cc/sc?a=Csxn&c=en2ZrHELZsMJ5gwTyLv9Lh&e=gAAAAABj1MM4B8ITVs_FntU5bIzPACfkgT1IGroVQ6pz7RwjwCmNx2FuNl6B3PnDwXbX6v6ekJJ8xTZS9N1fxeVdw5Rn9UdzA6NGkuPDIjTz2_uZxsMWbDcximTHUne9jLYNB6e9jiomQdbG2h7vX123j7zg_tcbVARV9zhB_DefCCCJkUXpiS6W2lrM99FUNh7SGFlOBmNLncYFRb6lokZyIl5WAWzFpEIqcDNXC5Mijpr41s5Opj722n5RNzqHKV4nNyndCF1vVEb5xZdvZg2R7jBfuyPgkvBJh-HcoafyZKvLK7X0XlzDSlxshyofB4cYMutpJZnjoYDvCVXj3XveYprz3Ow_cK9fRl7ZxivLXHf5uvN6AuM0iJt30E1_Xz4-M_EX1QIL&f=0
157.90.88.166302 Found 70 B URL HTTP/2 curvyalpaca.cc/sc?a=Csxn&c=en2ZrHELZsMJ5gwTyLv9Lh&e=gAAAAABj1MM4B8ITVs_FntU5bIzPACfkgT1IGroVQ6pz7RwjwCmNx2FuNl6B3PnDwXbX6v6ekJJ8xTZS9N1fxeVdw5Rn9UdzA6NGkuPDIjTz2_uZxsMWbDcximTHUne9jLYNB6e9jiomQdbG2h7vX123j7zg_tcbVARV9zhB_DefCCCJkUXpiS6W2lrM99FUNh7SGFlOBmNLncYFRb6lokZyIl5WAWzFpEIqcDNXC5Mijpr41s5Opj722n5RNzqHKV4nNyndCF1vVEb5xZdvZg2R7jBfuyPgkvBJh-HcoafyZKvLK7X0XlzDSlxshyofB4cYMutpJZnjoYDvCVXj3XveYprz3Ow_cK9fRl7ZxivLXHf5uvN6AuM0iJt30E1_Xz4-M_EX1QIL&f=0
IP 157.90.88.166:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 23184bc1e0e940d32b6345a0308a9ea3
14daebd8a6d2574a2057ad89ba3c27f75535b375
e29d4468fb16a6f3e04a87b50ac5f8ec821f6d11c0434989fe70248cfdc7949c
GET /sc?a=Csxn&c=en2ZrHELZsMJ5gwTyLv9Lh&e=gAAAAABj1MM4B8ITVs_FntU5bIzPACfkgT1IGroVQ6pz7RwjwCmNx2FuNl6B3PnDwXbX6v6ekJJ8xTZS9N1fxeVdw5Rn9UdzA6NGkuPDIjTz2_uZxsMWbDcximTHUne9jLYNB6e9jiomQdbG2h7vX123j7zg_tcbVARV9zhB_DefCCCJkUXpiS6W2lrM99FUNh7SGFlOBmNLncYFRb6lokZyIl5WAWzFpEIqcDNXC5Mijpr41s5Opj722n5RNzqHKV4nNyndCF1vVEb5xZdvZg2R7jBfuyPgkvBJh-HcoafyZKvLK7X0XlzDSlxshyofB4cYMutpJZnjoYDvCVXj3XveYprz3Ow_cK9fRl7ZxivLXHf5uvN6AuM0iJt30E1_Xz4-M_EX1QIL&f=0 HTTP/1.1
Host: curvyalpaca.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curvyalpaca.cc/click?a=Csxn&e=gAAAAABj1MM4RRwX51aX7ZwudTLlTwpXSqHdKMRrMfLfvORSjTanHJndQp55YxJ2ImHxluyNcK6WpqJSiNT5ZzOkZUlIig7cNO2-zDHG8tShOBY5bewiCBvoTKmHMALrRkzJ-nb3Ya4WTZ1WX78mcRyGcjBAPr4bfc2_sXFOG5y_90_H-Jc9H5POnnprLQGonOw39nCGruuNDkRhIGLkJl_b2gbYCoUTdidwQ8KszF_DZP0ax5ReNG-p1v-Tfvs2jcsCN3lu7fMa_PWVvs4h-JSVGigkcE2QBzXn5ZFFxECo9kUGC_WpFtkokbef9zgXYNn_DGS0v-5bxD6B_UVU0dmmkLq_9vLZ0bq-jRUbPnWozAxPD1IW5lBJqyL8mdBW3TGkrfWo6xqb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.1
date: Sat, 28 Jan 2023 06:39:52 GMT
content-type: text/html; charset=utf-8
content-length: 70
location: https://xml.hueadsxml.com/click?i=XETvDCSsvtQ_0
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 49ed0c7f333361b7dad71e98bb59400c
f115b038fa238bfb07952e6e95761f23507ac02f
a36a1027b53a5a7124ed0c0b481250cbcbfb2684c8c63cb73918152a0718067b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 06:31:27 GMT
Expires: Thu, 02 Feb 2023 06:31:26 GMT
Etag: "f115b038fa238bfb07952e6e95761f23507ac02f"
Cache-Control: max-age=430892,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbc5790f0b49-OSL
xml.hueadsxml.com/click?i=XETvDCSsvtQ_0
198.134.116.16302 Found 0 B URL HTTP/1.1 xml.hueadsxml.com/click?i=XETvDCSsvtQ_0
IP 198.134.116.16:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=XETvDCSsvtQ_0 HTTP/1.1
Host: xml.hueadsxml.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 28 Jan 2023 06:39:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://feed.us.adrunnr.com/12/?id=916f175d-9ed6-11ed-9676-0318af70b77c
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13899
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13899
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13899
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13899
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:39:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97118e74a8f60620950e42a11c11d71b
d144bbb82392a6103810ac9baa5346ddbefb5c16
2ce0c9696cf9842243186e86bae28c22896a9f51837f4961b6c7e3cfdfb24bd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3774
x-amzn-requestid: deae2f1e-baec-408c-92a7-4859d4afed47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EgFAgoAMFXRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b6-32a2ff1a369e7b5f41ecbabd;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYb0x8jVdY5lPTL7paxqk8J2gDYs4Hn27fAtzxJ3CapnyWOHulqy4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:09 GMT
age: 31844
etag: "d144bbb82392a6103810ac9baa5346ddbefb5c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b5b797e164d0f2c91200829d1ec90f8
15a55176d8e55b6816acabae5c7cc3e4528648c9
16eb29148856512f556b22b86a153e54032caaf98dbf141119f8c126e009591f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7395
x-amzn-requestid: 166e5623-fc91-4b12-80c8-f5e1a762b387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-ELH3eIAMF56w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b4-439b5d2b67b9347d4d634d9d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L1BWTWAPsW5tfkJO0UBR4dKoW3_0Le7QhZLjBxtsY0fmf7cwEYWrMQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:07 GMT
age: 31846
etag: "15a55176d8e55b6816acabae5c7cc3e4528648c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 28420
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 31387
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 30330
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01d78e0bafdf4cbe227afc503124bc55
e2d21a694342773ccbace4742c4b047e7ce92e1c
3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4641
x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5FJGoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c"
content-type: image/jpeg
age: 31395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash bfe56b2b49c14e0607619ef3daa985c2
eb12ec1f0374a8b42367d98cc0c04a56bea162ae
7fd6b4a851d974e2a89a5b6eaa69d6208d199d2c677aec6f8075cac54aea618a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112112
Date: Sat, 28 Jan 2023 06:39:53 GMT
Etag: "63d3c9aa-1d7"
Expires: Sun, 29 Jan 2023 13:48:25 GMT
Last-Modified: Fri, 27 Jan 2023 12:55:06 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qyIidIgqQ4EZekjFvHHnRz6HTa7DK6ysJDImE_5Jv7_tTimwvmgXaA==
Age: 3199
feed.us.adrunnr.com/12/?id=916f175d-9ed6-11ed-9676-0318af70b77c
52.44.160.100307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/12/?id=916f175d-9ed6-11ed-9676-0318af70b77c
IP 52.44.160.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /12/?id=916f175d-9ed6-11ed-9676-0318af70b77c HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sat, 28 Jan 2023 06:39:53 GMT
content-length: 0
location: https://trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=cc890e53&cost=0.0007&browser=Firefox&carrier=&cid=916f175a-9ed6-11ed-9676-9f3ec6ce0bb6
set-cookie: __sess=92ae4d8d-9ed6-11ed-9676-0318af70b77c; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=cc890e53&cost=0.0007&browser=Firefox&carrier=&cid=916f175a-9ed6-11ed-9676-9f3ec6ce0bb6
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=cc890e53&cost=0.0007&browser=Firefox&carrier=&cid=916f175a-9ed6-11ed-9676-9f3ec6ce0bb6
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=cc890e53&cost=0.0007&browser=Firefox&carrier=&cid=916f175a-9ed6-11ed-9676-9f3ec6ce0bb6 HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 06:39:54 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=wj54tergf3qf1e7mil3jin68
pragma: no-cache
set-cookie: bc98edd7-1543-43f7-b2f0-6108fbb348b2-v4=i81stocRCnwuDtiNpl3zvfsrCUsgdLuhumtKYwlyd-c; Max-Age=86400; Expires=Sun, 29-Jan-2023 06:39:54 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=p0MUroi5z1y88lV5dfFUgETYI5KY9LmRoYR1knCdPjB6QUc2uJBwv9xZkH%2FLoNumY6NWmIYY5SCkYcY6qzbQijkQQoXn8WqjO%2B6tOFVmnmrAnHOkarauWIOHF4oRZ6Lw3ikBZSOr2oQgLbPxYpztaA%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 06:39:54 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c695eba488867dad50fc9153d6e70be
903e75aa4eeca39de86ef3b17ef4864befeb7784
282ed5a4255b5546a129eb7094c85eba0860015338c6502b7d6fa7430f4d3355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:54 GMT
Etag: "63d0988d-116"
Server: ECS (amb/6B87)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06cda138121594f229179f1e8c1c3fd1
dfd5f5bafa682355d6317b950eb3a3eb515d269b
934e51c1f745d0b4c6c62b70207b1949e5903cfdef05f221a0f0de9fda5cddf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:54 GMT
Etag: "63d0ff4d-117"
Server: ECS (amb/6B87)
Content-Length: 280
insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
104.18.20.91200 OK 1.1 kB URL HTTP/2 insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e97b23e842d4df6dfdd7fb049a87a26f
083cda549ea555b23a7b7aee461c0bc6a13070c0
d96df1d19452dbc92d39e276455f2f226b70daa7ca9ab52796be1247d677a689
GET /gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 1100
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5909
content-disposition: inline; filename="Rizk_avatar.webp"
etag: "5a37c146-1715"
expires: Mon, 13 Mar 2023 20:31:14 GMT
last-modified: Mon, 18 Dec 2017 13:23:18 GMT
vary: Accept
cf-cache-status: HIT
age: 812986
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebeeb51b-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 8.1 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (24742)
Hash 59d0843ea535a679e836bfdc4fd847c9
8c8938ff086a2b05eb9e431cb8ff7150f50c7b48
6f5b514345f75508ac2e5827b6e50c804a3d5ec2aa44975ec6a2bdfcb438fd17
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript
content-length: 8053
content-encoding: gzip
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
last-modified: Wed, 25 Jan 2023 15:15:48 GMT
etag: 0x8DAFEE709BC346E
x-ms-request-id: 85e8490b-e01e-017a-6c1a-31f4fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 43291
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd2ea940b4d-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.20.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Mon, 27 Feb 2023 05:37:30 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 2292946
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c08b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
104.18.20.91200 OK 94 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b99510dc64dceb3317011b5a1dd14066
da97fa0b25758d0d5f35d762bb6e74665e4f4d50
0625ba3c4b37dbd008551eb7e6652a350735305fcf02f24ac2b57ec717f7a403
GET /no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 93626
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=122140
content-disposition: inline; filename="10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.webp"
etag: "5b962484-1dd1c"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Mon, 10 Sep 2018 08:00:04 GMT
vary: Accept
cf-cache-status: HIT
age: 1338644
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf0b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
104.18.20.91200 OK 76 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e84e09b2755a7cb78cb96550af24897d
b684e3e4c1fce86f6e4a7f72780343d165cb4760
6ae096074523a6cb45488636c636733c10e35c0e0a27eca9b9d76155068e840b
GET /no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 76412
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=164109
content-disposition: inline; filename="rizk-casino-mobile.webp"
etag: "568c79fd-2810d"
expires: Sat, 14 Jan 2023 20:04:05 GMT
last-modified: Wed, 06 Jan 2016 02:20:45 GMT
vary: Accept
cf-cache-status: HIT
age: 3502995
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c0ab51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.20.91200 OK 174 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 174 kB (174360 bytes)
Hash 723b5a7e7cec506c95f571606f1b6de2
3444eeb2f4b3fea6d959b6a3eea42ee8e783862f
ecbfd5956d791f388ac85fe3411f9cb3ef982bbb3d4b1ad305928b194fc55ece
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 3755565
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf9b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
104.18.20.91200 OK 242 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 242 kB (241870 bytes)
Hash 4fb86378cf3ab83690aff25e4bcd84d8
09118e6252fe712f6841888008e11f9533544cf2
b7650624b1e7314d79f112351a8180776b6b2375443901135f01e92f9a60383b
GET /no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 241870
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=412787
content-disposition: inline; filename="rizk_zero2hero.webp"
etag: "57ad98e4-64c73"
expires: Mon, 13 Mar 2023 13:06:44 GMT
last-modified: Fri, 12 Aug 2016 09:37:40 GMT
vary: Accept
cf-cache-status: HIT
age: 1084332
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf8b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.20.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Sun, 15 Jan 2023 17:19:41 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 4017708
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c06b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
104.18.20.91200 OK 279 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 279 kB (278858 bytes)
Hash e9e7535c065a438e4407b2d809511c54
c2c73ee585d77fa4e7e98072073c82e6a3a8199e
f5d32d6e179b67997a72382818a95893217a5d8414679cac7e57f5976c568691
GET /no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 278858
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=322951
content-disposition: inline; filename="Insider-and-Email-1080x450.webp"
etag: "59524281-4ed87"
expires: Mon, 30 Jan 2023 10:33:34 GMT
last-modified: Tue, 27 Jun 2017 11:33:21 GMT
vary: Accept
cf-cache-status: HIT
age: 4017709
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf6b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104.18.20.91200 OK 104 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 104549
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110109, status=webp_bigger
etag: "62b46fa1-1ae1d"
expires: Mon, 13 Feb 2023 21:05:53 GMT
last-modified: Thu, 23 Jun 2022 13:50:25 GMT
cf-cache-status: HIT
age: 3342737
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c0bb51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.20.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 2379140
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebedb51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
104.18.20.91200 OK 130 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 130425
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138146, status=webp_bigger
etag: "5ce50804-21ba2"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Wed, 22 May 2019 08:27:48 GMT
cf-cache-status: HIT
age: 2379099
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebefb51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
104.18.20.91200 OK 88 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Hash 7ad5073d85b44689d4dcee7727ea1068
220eb3a3343a292350c9bbb38b400a935e789e01
c225333d3bc84993b30bc4904d292d68480055851b826222ae69cbbf14fb6dec
GET /no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 88280
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90386, status=webp_bigger
etag: "61db0b02-16112"
expires: Tue, 28 Mar 2023 14:59:23 GMT
last-modified: Sun, 09 Jan 2022 16:19:14 GMT
cf-cache-status: HIT
age: 56432
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c10b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.20.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Mon, 20 Feb 2023 20:17:59 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 812985
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd32c20b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
104.18.20.91200 OK 123 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 123 kB (123132 bytes)
Hash 341d6a23c5e812aeaf495248004ab7fc
4168e2e4296aa381667ff9c7dd811a63cb67cb6a
b381902f5d9b1b4fe648915947a9ac9432b06457926a35d27a1a1d733483621b
GET /no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 123132
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128662, status=webp_bigger
etag: "63120677-1f696"
expires: Sun, 01 Jan 2023 22:48:55 GMT
last-modified: Fri, 02 Sep 2022 13:34:47 GMT
cf-cache-status: HIT
age: 2393262
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd32c22b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.20.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 943985
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf3b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.20.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Mon, 13 Mar 2023 04:37:11 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 943982
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c05b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
104.18.20.91200 OK 211 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1031x580, components 3\012- data
Size 211 kB (210675 bytes)
Hash 0275594aa0da61a963b34c14cba7cda2
90ba5e1fc41183812108f7cdee35057e7d8d73ff
9a3c6eaedf96f97bf55bec6950624f26e9e07d49158f24f3e221a400f60ac8db
GET /no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 210675
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=219775, status=webp_bigger
etag: "5ee086d3-35a7f"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Wed, 10 Jun 2020 07:08:03 GMT
cf-cache-status: HIT
age: 783137
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf2b51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
104.18.20.91200 OK 236 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 236 kB (236534 bytes)
Hash fe1f908a1ea3ad74d7580a4bb10732cc
e563c2ad2593b1fd0ab914c6c06686efc9bd4a72
16e4a3f6178cbac41c7010999daf2c62184fa06a7c02605cdaa75ea6cbfd74f0
GET /no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 236534
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=247916, status=webp_bigger
etag: "59e9e8f9-3c86c"
expires: Mon, 27 Feb 2023 05:37:29 GMT
last-modified: Fri, 20 Oct 2017 12:15:53 GMT
cf-cache-status: HIT
age: 2379140
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2ebf7b51b-OSL
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=wj54tergf3qf1e7mil3jin68
104.18.189.136301 Moved Permanently 178 kB URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=wj54tergf3qf1e7mil3jin68
IP 104.18.189.136:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178130 bytes)
Hash ea632bbffee05d4ab2c11c1bd0cf156c
1b9b16716f21ed62d448bb5fabdcfe6870510654
8df9b085cc67bb8a10e9de2a1c2cc2dcee36f2c6539a4b2a0b401de9160c7f04
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=wj54tergf3qf1e7mil3jin68 HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 28 Jan 2023 06:39:54 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzPFguIzxZLjMoVSxgYGAKYAo%3D; expires=Sun, 28-Jan-2024 06:39:54 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; expires=Sun, 28-Jan-2024 06:39:54 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; expires=Mon, 27-Feb-2023 06:39:54 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Mon, 27-Feb-2023 06:39:54 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907bbcd5938b4eb-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
104.18.20.91200 OK 202 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 202 kB (201797 bytes)
Hash 6b236304b4d875c745e572e9fbda254e
c584e908e55b7caa2135ebf25022804e7d1ef0db
e9dbf688fabc7b3452affa6d60690e2ac75536299300fbf5cdd5944e55bf16cb
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 201797
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=211099, status=webp_bigger
etag: "63c80b0e-3389b"
expires: Fri, 24 Mar 2023 09:03:35 GMT
last-modified: Wed, 18 Jan 2023 15:06:54 GMT
cf-cache-status: HIT
age: 423380
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c0eb51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
104.18.20.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178222 bytes)
Hash 6ae6be5cd2c1f0fb8080255588009745
aaf233663bd7100a662a519e96e451d426c9df24
1919fbf2d86d19b60bbf054dbfdaa281152643f6c1531ed3e582322a2aa8284a
GET /no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 178222
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=185818, status=webp_bigger
etag: "63c95719-2d5da"
expires: Sat, 25 Mar 2023 15:27:39 GMT
last-modified: Thu, 19 Jan 2023 14:43:37 GMT
cf-cache-status: HIT
age: 313936
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd30c0fb51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.20.91200 OK 151 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.20.91:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1498)
Size 151 kB (150630 bytes)
Hash de34566d25497941e895c935ec9a5e7d
b94306c1a2d20f47fc8f94dcc19067a15d62028c
e037d49623c7be72b5ca23480c9b104224de107fda4f10f32f7854f087e1a9f1
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-5db"
expires: Tue, 17 Jan 2023 07:13:47 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4782218
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2bbd5b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.20.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Mon, 13 Feb 2023 21:05:54 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 943982
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd40cadb51b-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.20.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Mon, 02 Jan 2023 08:52:09 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 4771777
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd41cbbb51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.20.91200 OK 196 kB URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.20.91:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1914)
Size 196 kB (195747 bytes)
Hash e34620b5784e258b85184c64cbcf2b32
6cd2cbbc9c9d8d25702edbf8cf38fe8734c4ff6a
198e179ad4132539c11c6df6fa9c08e1f4a62adf26310b0ca20b3fbef49501c9
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-cdb"
expires: Tue, 17 Jan 2023 07:13:49 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4779939
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2bbd6b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 733210
expires: Thu, 18 Jan 2024 06:39:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGr2QfNNW0cpL7wGPamBazYuNSl7JMmP05NS%2FiqJPILIyk5o5HKwuEiXGQrG0G4oXgzA%2FSeMxoJ9qwFQvHW9pVY%2FZN%2B8TEBGfJN2GOvJsiqL4%2ByuX7LX%2FV%2FuV0qAue6DoZOSV1BQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7907bbd4690fb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.122200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
104.16.148.64200 OK 3.2 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11675), with no line terminators
Hash 3b79a686818167922dfc6b001661b55a
94ea66c1b67195bb514427755595d985ad7319e8
985adf2ba0d8757e25ee00eb414c5809e7a3b8e1a802524f0ec182f245712c8c
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/x-javascript
content-length: 3159
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: O3mmhoGBZ5It/GsAFmG1Wg==
last-modified: Thu, 11 Aug 2022 10:39:48 GMT
etag: 0x8DA7B85D034938C
x-ms-request-id: 0a85c945-401e-0138-387c-addfea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 28799
expires: Sun, 29 Jan 2023 06:39:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd47af80b39-OSL
X-Firefox-Spdy: h2
unpkg.com/yett@0.2.3/dist/yett.min.modern.js
104.16.126.175200 OK 18 kB URL HTTP/2 unpkg.com/yett@0.2.3/dist/yett.min.modern.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (4157)
Hash 648203f562cea556845d3da66a849659
c94e4a62a6dec0006577c18a84e2b7a6ac6bf5cb
311af397d53291e4f045342831e154d776d62a12b72058e6d5e69b1af36893a1
GET /yett@0.2.3/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106a-F1kN/vqWtSduU82KJoxqMaLlX70"
via: 1.1 fly.io
fly-request-id: 01G53T04M04VGHTCMPW9JKYWMZ-fra
cf-cache-status: HIT
age: 20123910
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd34cb00b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23908, version 1.0\012- data
Hash 081509e2766b8e53d3e9629517a5094c
81b9e67814e563e491f3b7ca83129910191d7429
e5212f6b941b7ec75f72829b00476a94f76ad97bd3cbd41000fafff883d93922
GET /af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23908
etag: "f071080bfe4e46008015da21150516f906ef2d5b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 120 kB URL HTTP/2 use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 119904, version 1.0\012- data
Size 120 kB (119904 bytes)
Hash 28a88f4e70f45eb49c96d18da7f44869
3c707b6df2c0d8fdb324bb1883e1890a38644622
a998f1a4c9e921275caf71058390cf6cc33268c25c12ce3d9ccab137bb67f591
GET /af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 119904
etag: "9cf7b880c940e69005d99d254f5c957320db9920"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.126.175302 Found 141 kB URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.126.175:0
Size 141 kB (140917 bytes)
Hash a470eb116c59264b1e296140be10ff3f
7b46a131f052cf94079c42856530e0c668b8d290
e0ac250d93956f5a6d2d20382a175bbe41367feda20021c85dd908e874bbee79
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQVH70CDE9FA471EH4T4W5N0-fra
cf-cache-status: HIT
age: 467
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd2bc860b69-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.123200 OK 176 kB URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.123:0
Size 176 kB (176051 bytes)
Hash bac994ade4b5c150049671c647231cfd
7aec9df67db56b9390cce975043aef78adeefab9
d915c234f2133bf7a5a480cab1534550c31f2f3094355de2602ba162c3163981
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Sat, 28 Jan 2023 06:39:55 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gmzdSpEFGYmwelisMLRQLnHohHzAcLvCSAHxYsucVrbhtIzvm8UuIA==
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 141 kB URL HTTP/2 use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 141220, version 1.0\012- data
Size 141 kB (141220 bytes)
Hash 9f122ab64b701b87597137ad1fa662b4
c4fee49ffd9edf8123742b60f0aa0a905f2e96b9
e1506e1413472be6886a35777303ede29d4a113f2dbc71af9806395e47de87e7
GET /af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 141220
etag: "9c467641a743d4e8fda4fd28f2eebdc227275260"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27036, version 1.0\012- data
Hash 4b420ce7adfa2d14176827c218589866
c1207ab86cedc1b975be5c32b9d4f795facf1c86
02e354581457b68fd0f38d82f91fc66da60f461348815a478ee777b8e59317f6
GET /af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27036
etag: "aeb323a44d7429e94b480beeda936a742b20393f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.122200 OK 25 kB URL HTTP/2 use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24944, version 1.0\012- data
Hash 4db1a622a8ec326f0b65e39dd2147c3c
6f554080b360e101d1c4c0872559a5770620eb99
125ac250cf3b6bf24697c353ee5db63ffd8eecef03ddf43ed1ade4450ae5d11e
GET /af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24944
etag: "b1fff3be18990092dac37cd165ff020dcdec4dcd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/flag-is.png
104.18.20.91200 OK 142 B URL HTTP/2 rizk.com/assets/img/flags/flag-is.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6d73273e182c35e4f0afd10e5409b46e
0d5a7ec0c80536576e3cfb14092dc96804771aef
d972ebf138951eb06a75652b04a37d1e00e588a620b215af0073ee258b360f8b
GET /assets/img/flags/flag-is.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 142
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=776
content-disposition: inline; filename="flag-is.webp"
etag: "63b6a805-308"
expires: Tue, 07 Mar 2023 21:06:33 GMT
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1521010
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e3eb51b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.20.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbf69efd1161ae68af7c62a9ed5aedda
e52470c459f19223c367a6b8f0139b6869babb97
027c3e30e700f7cadb699b50f16e55638f0c5b8e80a6bcd47b4f44924d808868
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "6388832c-4191"
expires: Tue, 31 Jan 2023 05:59:27 GMT
last-modified: Thu, 01 Dec 2022 10:34:20 GMT
vary: Accept
cf-cache-status: HIT
age: 4457075
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e3db51b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/images/04532da6-menu-icons-s.png
104.18.20.91200 OK 6.1 kB URL HTTP/2 rizk.com/assets/images/04532da6-menu-icons-s.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42207df0d63f162c0e4628718aa606e1
f692963891ed031073bdcb796b9a7d8e67e454ea
d3ecbd89b841f3c0873ea22ffb3fc87b270ac5176cb2abc734874cf6441adba4
GET /assets/images/04532da6-menu-icons-s.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 6130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11277
content-disposition: inline; filename="04532da6-menu-icons-s.webp"
etag: "637614c1-2c0d"
expires: Sat, 21 Jan 2023 21:30:52 GMT
last-modified: Thu, 17 Nov 2022 11:02:25 GMT
vary: Accept
cf-cache-status: HIT
age: 4093312
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e3cb51b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/ecogra.png
104.18.20.91200 OK 28 kB URL HTTP/2 rizk.com/assets/img/footer/ecogra.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30ffda9881d8c1c2ccb46ff7b2ea50af
e19a29ba3abddb9beff5b09ef264ca81e9b41290
a972cf53714ef5e43e6bda7b67348f3680f9d3810841ac63a061a91ae2430b8d
GET /assets/img/footer/ecogra.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 27890
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=80752
content-disposition: inline; filename="ecogra.webp"
etag: "63bfd1ff-13b70"
expires: Mon, 13 Mar 2023 17:26:51 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 1343167
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e43b51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos-colors8.png
104.18.20.91200 OK 59 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos-colors8.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe6a3d9473736b893ae03740c16c3028
a5e1f8814aa259b908c7fb8cb78b8fe95f5f5b87
053d5dc7fa0a82552a93b9a4de1be785a3a498efbb1064f0cf91522630870a5c
GET /assets/img/footer/footer-logos-colors8.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 59014
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=92815
content-disposition: inline; filename="footer-logos-colors8.webp"
etag: "63d27455-16a8f"
expires: Mon, 27 Mar 2023 12:40:09 GMT
last-modified: Thu, 26 Jan 2023 12:38:45 GMT
vary: Accept
cf-cache-status: HIT
age: 151175
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e3fb51b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26656, version 1.0\012- data
Hash 843379cf54b236ae4934db29570421f7
1ecfe53a9b021d8cfbdedd77b995a7f6f13f32b6
46f2ac0d9703243c85b6ad1b9f8ce05ce5a2a9d7adaf550fbfa061ecbf093e53
GET /af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26656
etag: "de5daa0372d6be1d2b0ba0e28b1c2c00515f2fce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/Hjelpelinjen.png
104.18.20.91200 OK 26 kB URL HTTP/2 rizk.com/assets/img/footer/Hjelpelinjen.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2600acad4fa18b407caa42d12eceef0f
809b9de6ef5c469787ca4a199f737ec0e8d73db5
b5e78ae78e39f47d3acae58ce941aa17ec4620957654948039793460256d03f2
GET /assets/img/footer/Hjelpelinjen.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 25908
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61976
content-disposition: inline; filename="Hjelpelinjen.webp"
etag: "637f4f06-f218"
expires: Mon, 30 Jan 2023 04:43:57 GMT
last-modified: Thu, 24 Nov 2022 11:01:26 GMT
vary: Accept
cf-cache-status: HIT
age: 4969345
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd66e42b51b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Sat, 28 Jan 2023 06:39:55 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.20.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f88b0da0473fbd507dcd1a759533af
36133c385d1c171958c5a5fc60ef1f5d12237e30
b75061abacce30de1bddabb464f7ca044dba230382cd1323f59079c8d0cdc260
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/webp
content-length: 30078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "639b02c9-f64c"
expires: Mon, 13 Feb 2023 19:41:30 GMT
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
vary: Accept
cf-cache-status: HIT
age: 3503286
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd67e49b51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.20.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.20.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 20 Oct 2022 08:06:56 GMT
etag: "635101a0-1c60"
expires: Tue, 20 Dec 2022 05:33:18 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4781837
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd6ce86b51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/favicon-16x16.png
104.18.20.91200 OK 352 B URL HTTP/2 rizk.com/assets/img/favicon/favicon-16x16.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a53aaffe9a3246411deb3361d57d32
1d5249c888910c27a6125c0d92dd60d2377738c0
9ca4b1fb97777d6c5b3fbe165f2734e3b38525d586828c526ad7bfa91bab2238
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: image/webp
content-length: 352
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=571
content-disposition: inline; filename="favicon-16x16.webp"
etag: "63c9889b-23b"
expires: Mon, 27 Mar 2023 06:07:09 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 115352
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd73eceb51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/android-icon-192x192.png
104.18.20.91200 OK 3.1 kB URL HTTP/2 rizk.com/assets/img/favicon/android-icon-192x192.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314c2b722ec91013441562d73c4d8fb3
f7dbb17a8708cb7801ae1e4d449389ec10e7dc81
baced404c8a57e0d0d4f17d00a2850352b98e90a343681b1fea15f263385c82a
GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: image/webp
content-length: 3082
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4135
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "63c9889b-1027"
expires: Mon, 20 Mar 2023 22:54:10 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 116816
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd73ecdb51b-OSL
X-Firefox-Spdy: h2
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
54.230.245.114200 OK 27 kB URL HTTP/1.1 d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
IP 54.230.245.114:0
File type ASCII text, with very long lines (32806)
Hash fa979f12aafaca9dfc3c01fdb35f2c8a
b2e14da49f38a08294f14376d61dc9b011727f6b
88f23962aff99d99d3d6603b7cc1e6bea1bc37b56c49f1db68f62b19a51f15f5
GET /integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js HTTP/1.1
Host: d2yyd1h5u9mauk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 28 Jan 2023 06:39:44 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=120, public
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Request-Id: 8668f389da19f1ab2124c0ccd2ca1c2b
X-Runtime: 0.038012
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5M7bEG-GrrDXx-j6af67jIUjxAsB9MtUR0VIESinri21tXJqgls0XQ==
Age: 12
p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674887997533
23.36.76.122200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674887997533
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674887997533 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Sat, 28 Jan 2023 06:39:56 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 80bd38dbbba2c622765d84927f15e043
8e16e3799ed64a86d1597ae0748c050755df99bd
2b217451165991f85052d4cdfe8e1061d6eed790da3774dd0bb8794fb83fa501
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5341
Cache-Control: max-age=171125
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:56 GMT
Etag: "63d4a7d4-118"
Expires: Mon, 30 Jan 2023 06:12:01 GMT
Last-Modified: Sat, 28 Jan 2023 04:43:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
rizk.com/OneSignalSDKWorker.js
104.18.20.91200 OK 90 kB URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.20.91:0
Hash 25f49c1f2b8d9a2eb90d10af16fe5207
89a4e67526e49094319d268077cf904bc9a085a1
c2e43dc24337858cd2b8ca1b63e1f7cc869964e1618ff47f29283a075592ccaf
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: W/"63d27445-56"
cf-cache-status: HIT
age: 4031
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd85f96b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
104.16.148.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
IP 104.16.148.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65222), with no line terminators
Hash 52edc17dd959eec04919e5f8f7366ebd
b0afc9516325109205e3b7a7656c990ac3ce23f7
f101a7d16badd7407e56c6ecdb70a97147abd8e652d9ec80164cb449f225f8d8
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/x-javascript
content-length: 17666
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Uu3BfdlZ7sBJGeX49zZuvQ==
last-modified: Thu, 11 Aug 2022 10:56:24 GMT
etag: 0x8DA7B8822255DC0
x-ms-request-id: a06e6807-601e-0142-288a-adb5a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 14768
expires: Sun, 29 Jan 2023 06:39:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd95d5f0b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 15572
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd99d9e0b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
104.16.148.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (51738)
Hash 3e961eb7fdc3f94310047addd52478f7
e653b0a0929096e9aaf34772f5839c6fc3f4da49
221064afa3bffb58aff4d7a036a9f5196c60ff0077e23453ca2aa7a1019be47a
GET /scripttemplates/6.39.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/json
content-length: 13981
content-encoding: gzip
content-md5: PpYet/3D+UMQBHrd1SR49w==
last-modified: Fri, 26 Aug 2022 16:30:58 GMT
etag: 0x8DA87805B3CBC97
x-ms-request-id: 8ef1e9a6-d01e-0150-2d8a-b981bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 6348
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd99d9f0b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
104.16.148.64200 OK 4.1 kB URL HTTP/2 cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
IP 104.16.148.64:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 1cfc5cde5e96f35a24f6db0a76981d91
ff1ac1cecf4b1572b174d753534b644b67d917b6
14430bc422f22b9eb5390f563691365fb38ac5878ebebea5e8bdd528ccac96a6
GET /logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: image/png
content-length: 4135
content-md5: HPxc3l6W81ok9tsKdpgdkQ==
last-modified: Thu, 24 Mar 2022 10:25:14 GMT
etag: 0x8DA0D8095ED2DEE
x-ms-request-id: d61608bc-601e-010d-7b50-7b71bf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 13400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd9fd2e0b4d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
142.250.74.40200 OK 101 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
IP 142.250.74.40:0
File type ASCII text, with very long lines (38551)
Size 101 kB (100864 bytes)
Hash d74e5b26ec65e59a3d5ba2ee321ea4e9
849f704938a7b9b19369d32c2ad9e62a5b34d248
7a4a9959d67acf62b9044ebbec93c718913104d1c6b51205837a4931bb63984a
GET /gtm.js?id=GTM-WVXWPTQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 06:39:56 GMT
expires: Sat, 28 Jan 2023 06:39:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100864
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78a5e115e50d97a9427706177d1ddcca
fd524df3e18ebef26327637bf2d46f0815f8d186
0135ff315e32ba734e8a464f416c8950c03a0e5049a51a74233b0aa11181313d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0135FF315E32BA734E8A464F416C8950C03A0E5049A51A74233B0AA11181313D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Sat, 28 Jan 2023 11:04:40 GMT
Date: Sat, 28 Jan 2023 06:39:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0e0940a5f7f70785c1318fe7f14026fb
3e8c519bfa9e019b5550b0c2153be9113a3bc266
f3284fd732efe15e038f60f71af86d2ec1ec7604bfa31d0a3ea44fc9fa90d1fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4393
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:56 GMT
Last-Modified: Sat, 28 Jan 2023 05:26:44 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e6bdd5493bae7913b5f1dae90898c01
069427a4c61e09a4e024d113f8a08a74c4b421f7
56aa9c378dea6f8e20f271cd797ce5753c616efe1f63b3b21a8e9afc442b9ab8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:56 GMT
Last-Modified: Sat, 28 Jan 2023 05:22:16 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Sat, 28 Jan 2023 06:39:56 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 29 Jan 2023 05:47:02 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YVr-YExnwoSkI4qtNy2gu2t_LxU8kXEaXFoYcFDddwxSrYO25eOUnQ==
X-Firefox-Spdy: h2
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash d2e8fadea66d50de6764cc8815911655
5219f9385a355cddd3cf5893794e2e3c554ead1c
621097f07e85bf9c2eb4b75eea6664762dfc8e3bc3a7f464aa5055295b7cb80d
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: fcJuMgZgDoEEJYg=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37261
date: Sat, 28 Jan 2023 06:39:56 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.4.29302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.4.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 06:39:56 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Tue, 28 Feb 2023 06:39:55 GMT; domain=adform.net; path=/
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78a5e115e50d97a9427706177d1ddcca
fd524df3e18ebef26327637bf2d46f0815f8d186
0135ff315e32ba734e8a464f416c8950c03a0e5049a51a74233b0aa11181313d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0135FF315E32BA734E8A464F416C8950C03A0E5049A51A74233B0AA11181313D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Sat, 28 Jan 2023 11:04:40 GMT
Date: Sat, 28 Jan 2023 06:39:56 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 311f04e713e680adc97260bfb25d3447
c9f48c9d10857653ca49660fe8f3035c15335955
eb2d0be4411a67a8a7fc0547795171cb3035113327f300444fedc1901c5a7df3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 06:39:56 GMT
Last-Modified: Sat, 28 Jan 2023 05:34:24 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WQYy4VqZdsz_lrht-WRbeG10rUjzWaBeK8VbBHPy6gLIbdL05YucTg==
Age: 3932
rizk.com/assets/js/mustache.b0b33cad.js
104.18.20.91200 OK 6.4 kB URL HTTP/2 rizk.com/assets/js/mustache.b0b33cad.js
IP 104.18.20.91:0
File type ASCII text, with very long lines (6027)
Hash cb643406a473c825dfcc63dd5e7bd1ab
6af61eb017cca1cbe5ba18eeb3174f7c4d5ad453
9ffeef383f156c95a3eddea9eccdd12d94d22224be368e703d21473d37671464
GET /assets/js/mustache.b0b33cad.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+28+2023+06%3A39%3A57+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-186c"
cf-cache-status: HIT
age: 4419
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd9c8b0b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721e0bbb21a0b2a057c7b0e86edf8f5d
5eda46a513a448dbe34b0e50abbcb37d177f2186
ac509ff41c016006412b0145a025346e3115b724904f22fe510bc8630a35084c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1737
Cache-Control: max-age=88687
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d373e3-1d7"
Expires: Sun, 29 Jan 2023 07:18:04 GMT
Last-Modified: Fri, 27 Jan 2023 06:49:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721e0bbb21a0b2a057c7b0e86edf8f5d
5eda46a513a448dbe34b0e50abbcb37d177f2186
ac509ff41c016006412b0145a025346e3115b724904f22fe510bc8630a35084c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3475
Cache-Control: max-age=90425
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d373e3-1d7"
Expires: Sun, 29 Jan 2023 07:47:02 GMT
Last-Modified: Fri, 27 Jan 2023 06:49:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721e0bbb21a0b2a057c7b0e86edf8f5d
5eda46a513a448dbe34b0e50abbcb37d177f2186
ac509ff41c016006412b0145a025346e3115b724904f22fe510bc8630a35084c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1737
Cache-Control: max-age=88687
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d373e3-1d7"
Expires: Sun, 29 Jan 2023 07:18:04 GMT
Last-Modified: Fri, 27 Jan 2023 06:49:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: EeWcXnw5b_WQBVyQkN3hrtHVebmMaThQpW2F37a44gAqhmPt6qbVZA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Sat, 28 Jan 2023 06:39:57 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=7449e0a7-67cd-4f5d-9c90-c40953a2123e&u_sclid=4a972410-c54c-4164-b99f-f8b50d40e8b5
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=7449e0a7-67cd-4f5d-9c90-c40953a2123e&u_sclid=4a972410-c54c-4164-b99f-f8b50d40e8b5
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=7449e0a7-67cd-4f5d-9c90-c40953a2123e&u_sclid=4a972410-c54c-4164-b99f-f8b50d40e8b5 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 541
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
access-control-allow-origin: https://rizk.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRHAIAgDwIm4E7GEjKO2mYLh+y/Fq+9x25G0lZLx1LUJDic042a3J1YVSPT4AQd9jKoyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 7
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rwLFuH76gyBuOOKfMU6fioIQYlVlN4USMSMuK47JehscNYA176w4qg==
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 28 Jan 2023 06:39:57 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721e0bbb21a0b2a057c7b0e86edf8f5d
5eda46a513a448dbe34b0e50abbcb37d177f2186
ac509ff41c016006412b0145a025346e3115b724904f22fe510bc8630a35084c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3475
Cache-Control: max-age=90425
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d373e3-1d7"
Expires: Sun, 29 Jan 2023 07:47:02 GMT
Last-Modified: Fri, 27 Jan 2023 06:49:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 05:46:59 GMT
expires: Sat, 28 Jan 2023 07:46:59 GMT
cache-control: public, max-age=7200
age: 3178
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acdn.adnxs.com/dmp/up/pixie.js
151.101.129.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.129.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 06:39:57 GMT
Age: 16133
X-Served-By: cache-lga21930-LGA, cache-bma1667-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 719
X-Timer: S1674887998.620169,VS0,VE0
Vary: Accept-Encoding
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e2df68f777e8c821cb98d957b7112175
6c71ca42d34963aadadfe0f488310a3d6ffcbcdf
ecdad2372e0943724852ae3c57a3a2fa18e435d7be536916d07b812274f53c15
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "ECDAD2372E0943724852AE3C57A3A2FA18E435D7BE536916D07B812274F53C15"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Sat, 28 Jan 2023 07:22:10 GMT
Date: Sat, 28 Jan 2023 06:39:57 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e2df68f777e8c821cb98d957b7112175
6c71ca42d34963aadadfe0f488310a3d6ffcbcdf
ecdad2372e0943724852ae3c57a3a2fa18e435d7be536916d07b812274f53c15
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "ECDAD2372E0943724852AE3C57A3A2FA18E435D7BE536916D07B812274F53C15"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Sat, 28 Jan 2023 07:22:10 GMT
Date: Sat, 28 Jan 2023 06:39:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10c572a58f34d8fb28433f25bb9c885
8bc11baa4e367bfcf8738f28000a3befc9866cc8
678014c585151112a3bd14158afd8509eeec3d4bad3117d6ccd9ecaa109107bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2945
Cache-Control: max-age=97430
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d39152-1d7"
Expires: Sun, 29 Jan 2023 09:43:47 GMT
Last-Modified: Fri, 27 Jan 2023 08:54:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d0d870665da3379e37d6b1686d0cd07
c1326323c810ff7915bb36b3f71e82364ff451f9
b5276bb92002e3d5deca2816c02a4e824cd4d6d1c2e8fd1016caeed7ba0ab243
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1723
Cache-Control: max-age=129340
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d412be-1d7"
Expires: Sun, 29 Jan 2023 18:35:37 GMT
Last-Modified: Fri, 27 Jan 2023 18:06:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
rizk.com/OneSignalSDKWorker.js
104.18.20.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.20.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+28+2023+06%3A39%3A57+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.485038475.1674887998; _ga_0WVZ21C8XH=GS1.1.1674887998.1.0.1674887998.60.0.0; _ga=GA1.1.1911035657.1674887998; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1674887998%2C%22https%3A%2F%2Fcurvyalpaca.cc%2F%22%5D; _pk_id.1.dd63=c82e53d02ff27aa6.1674887998.; _pk_ses.1.dd63=1; _scid=19bd98a0-7f7b-4466-a8e7-2773e1a8e98e; _sp_srt_ses.1633=*; _sp_srt_id.1633=3dd1a1d5-4acf-4637-9dfa-bffcaf74772e.1674887999.1.1674887999.1674887999.35f51f95-f2ca-4b73-89a5-22bb715882a1; _gid=GA1.2.1492939855.1674887999
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 26 Jan 2023 12:38:29 GMT
If-None-Match: W/"63d27445-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 28 Jan 2023 06:39:57 GMT
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: "63d27445-56"
cf-cache-status: HIT
age: 4032
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbe16dd7b51b-OSL
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1&z=793396317
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1&z=793396317
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1&z=793396317 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 06:39:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
35.157.254.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 35.157.254.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 28 Jan 2023 06:39:57 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=bb3df44c-521a-4384-b61a-53bd4c691665; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
c=1674887997; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1674887997; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
35.157.254.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
IP 35.157.254.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 28 Jan 2023 06:39:57 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
Set-Cookie: zuuid=bbf32773-a471-4018-9f93-0f2fbc4aafd6; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
c=1674887997; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1674887997; path=/; expires=Sun, 28-Jan-2024 06:39:57 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=355568187&_gaz=1&cid=1911035657.1674887998&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674887998&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=https%3A%2F%2Fcurvyalpaca.cc%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=355568187&_gaz=1&cid=1911035657.1674887998&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674887998&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=https%3A%2F%2Fcurvyalpaca.cc%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=355568187&_gaz=1&cid=1911035657.1674887998&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674887998&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=https%3A%2F%2Fcurvyalpaca.cc%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Sat, 28 Jan 2023 06:39:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
matomo.rizk-dev.com/matomo.js
104.18.14.144200 OK 49 kB URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.14.144:0
File type ASCII text, with very long lines (1601)
Hash aab83c9d066d2b6eb0654a47b4239d6c
45ce3cbc02aa75bbd40562c6483937354efe3a20
f3e10d4897e69ca1c117fba1c239fdaff48282c520a2b37f87248890a3648da4
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Sat, 28 Jan 2023 10:39:56 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 3149
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 7907bbdcad131bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.12.64200 OK 2.4 kB URL HTTP/2 c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.12.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 82316833e1cf4b67f96e10c03e40f43d
509f779bfff2fc3004bfdfa6fec07ea99fd219f1
2e731a38cfaf7ff3200f93f185a2215154a27323279b0dee88ac7ff413a84872
GET /scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: text/html
cache-control: public,max-age=3600
content-md5: ECKsFMGYt00AJi96pRIpJw==
last-modified: Mon, 28 Mar 2022 11:38:52 GMT
x-ms-request-id: 892675fa-901e-0070-5c0b-e554d1000000
x-ms-version: 2011-08-18
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2431
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907bbdd4a50b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1
173.194.221.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1
IP 173.194.221.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH&cid=1911035657.1674887998>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Sat, 28 Jan 2023 06:39:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.247200 OK 71 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.247:0
Hash f083d7d2d0452654f537cde262f91720
c395fbbd29993969506e2a74c104818762faf0dd
4172036e33f2276a4c12e6a795140f330aa937215ad5036273714b8269ec1621
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx00000b607f2982f72f17d-006385e0d3-3293868f-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10c572a58f34d8fb28433f25bb9c885
8bc11baa4e367bfcf8738f28000a3befc9866cc8
678014c585151112a3bd14158afd8509eeec3d4bad3117d6ccd9ecaa109107bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2945
Cache-Control: max-age=97430
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Etag: "63d39152-1d7"
Expires: Sun, 29 Jan 2023 09:43:47 GMT
Last-Modified: Fri, 27 Jan 2023 08:54:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
static.hotjar.com/c/hotjar-661774.js?sv=7
54.230.111.39200 OK 4.8 kB URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 54.230.111.39:0
File type Unicode text, UTF-8 text, with very long lines (7534)
Hash 0e6e9f2dab4db990909b69fa70d02f34
1aa4f551c1fe1d420d8e7d9e66a55f714b86f0af
5b0e49a4ec6a60c75e39a55e5ef0bbeb3dba545e2a630667e1736fca45140667
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 28 Jan 2023 06:39:07 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/cd5185467ca7271623cd3e316324e8d6
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IYJOJtQn3yRe4HZX7G0-sPAUWeiG4DgX_aLCpTBQWsfgsKVy0GP39g==
age: 50
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 4.4 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (9097)
Hash 004fd9c77a3a4272e382a26278b6ede2
a57b21d0b76bc34d4636ad179a2a541906f75872
77e14658b7410c203a8f1da679b23264f380904c2fbe51a8b0c6ed1358df14d7
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 859
expires: Tue, 31 Jan 2023 06:39:57 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7907bbe1bcfdb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jsKrAJlG0_HC0HD83RwH5XgLAtOGoOygi-QxDZ2hrgYWZlrEdp_Hlw==
age: 77752
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
54.230.111.16200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 54.230.111.16:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 28 Jan 2023 05:45:11 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kWzBgsXyyDz2rE9is-mQTrirWKz-PjA6k_pgUFMgCbFZhvr--FfQBQ==
age: 3336
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674887999096&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=https%3A%2F%2Fcurvyalpaca.cc%2F&st=1674887999095&et=1674887999096&if=0
185.89.210.122200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674887999096&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=https%3A%2F%2Fcurvyalpaca.cc%2F&st=1674887999095&et=1674887999096&if=0
IP 185.89.210.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674887999096&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=https%3A%2F%2Fcurvyalpaca.cc%2F&st=1674887999095&et=1674887999096&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 28 Jan 2023 06:39:57 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.233200 OK 558 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.233:0
File type ASCII text, with very long lines (413), with CRLF line terminators
Hash ee4ae0fd5969e9fa2adf9002a04635da
a65c523169c81e7dfb68e6cf865b325a5c88488b
33d43c7aac7cdb90b22061b4af73e7c2bb730f6aa1ed3fd80a65e4197091440d
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: text/javascript; charset=utf-8
content-length: 558
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 28-Feb-2023 06:39:57 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=7157294711756392359
37.157.6.233200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=7157294711756392359
IP 37.157.6.233:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=533360383376&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=https%3A%2F%2Fcurvyalpaca.cc%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=7157294711756392359 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1529569102;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=https%3A%2F%2Fcurvyalpaca.cc%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1152907867-1674887999196;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=rizk.com;dst=0;et=1674887999325;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=b3d4eeca-d28d-4ed6-874c-66017b5e3f67
91.228.74.166200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1529569102;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=https%3A%2F%2Fcurvyalpaca.cc%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1152907867-1674887999196;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=rizk.com;dst=0;et=1674887999325;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=b3d4eeca-d28d-4ed6-874c-66017b5e3f67
IP 91.228.74.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1529569102;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=https%3A%2F%2Fcurvyalpaca.cc%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1152907867-1674887999196;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=rizk.com;dst=0;et=1674887999325;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=b3d4eeca-d28d-4ed6-874c-66017b5e3f67 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EPcBBgGUKAISAa_kpw2e6bRu; expires=Fri, 28-Apr-2023 06:39:57 GMT; path=/; domain=.quantserve.com
mc=63d4c33d-ea0d1-b3ce4-3e463; expires=Wed, 28-Feb-2024 06:39:57 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=587209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbe43cf20b3d-OSL
x.bidswitch.net/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
18.184.182.132302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 18.184.182.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:58 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1ab7bf25-f744-494e-9455-b62547c2cfaf; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03
18.184.182.132302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03
IP 18.184.182.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:58 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=96b7836c-24f6-484a-a4d4-111fecb13fea; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674887998; path=/; expires=Sun, 28-Jan-2024 06:39:58 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999464&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999464&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999464&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Jan 2023 06:39:58 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999595&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999595&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=https%3A%2F%2Fcurvyalpaca.cc%2F&if=false&ts=1674887999595&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674887999463.800535688&it=1674887999203&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Jan 2023 06:39:58 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 9e93cde64ebbbf5f2c14b5f26a093a91
989406e7bdc70e53b2999423cd21cc5052f34011
d479e9e75b095b85a5c61635692680cfaa6b86b861d92b2abe2be1e85b6b0747
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123991
Date: Sat, 28 Jan 2023 06:39:58 GMT
Etag: "63d3ecde-1d7"
Expires: Sun, 29 Jan 2023 17:06:29 GMT
Last-Modified: Fri, 27 Jan 2023 15:25:18 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IoWY9SIW3tM8P3c8kIZM7cHBK0cG4lMDSneyOzNGkLfGx7HRlI8UMw==
Age: 6071
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
18.184.182.132200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 18.184.182.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:58 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03
18.184.182.132302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03
IP 18.184.182.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=118e2ea9-db73-4075-bc82-2f67aa245c03 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:58 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.166200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.166:0
Hash a5b73100da452a66f4d80a9c33d687ed
6a5c141e66c3d82af2f88ccbae920f92de1da5ca
2520b2c9b7a174e086749e0b871926c2af6c694750e4116e1e8e96a8cd535285
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
expires: Sat, 04 Feb 2023 06:39:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=587209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbe43df8b511-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:39:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=587209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907bbe43f0a0b06-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=f8aa118e-e3c4-4a9d-a880-dd869fe0e206
18.184.182.132302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=f8aa118e-e3c4-4a9d-a880-dd869fe0e206
IP 18.184.182.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=f8aa118e-e3c4-4a9d-a880-dd869fe0e206 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:58 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=00ef2727-4ba0-42f7-9f38-892a412ec369
18.184.182.132302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=00ef2727-4ba0-42f7-9f38-892a412ec369
IP 18.184.182.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&cb=00ef2727-4ba0-42f7-9f38-892a412ec369 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 06:39:58 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dbbf32773-a471-4018-9f93-0f2fbc4aafd6
18.184.182.132200 OK 43 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dbbf32773-a471-4018-9f93-0f2fbc4aafd6
IP 18.184.182.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /syncd?dsp_id=409&user_group=1&user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dbbf32773-a471-4018-9f93-0f2fbc4aafd6 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:58 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e6d15c4de4c8ba1bd619812c40a1162e
ff9bfa25103d351dba69c29b5b56390c4a7e52ad
f6c9c5943fe0fb150ecd091234d49cc8ec55d212d62da617c9296bf008c96016
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170331
Date: Sat, 28 Jan 2023 06:39:58 GMT
Etag: "63d4abfb-1d7"
Expires: Mon, 30 Jan 2023 05:58:49 GMT
Last-Modified: Sat, 28 Jan 2023 05:00:43 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nLh88DbH9uXXjyvKOvkhwKuYLODtc-lT63TsQuafdSGg_cf2LkeTmA==
Age: 3486
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 06:39:58 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e6d15c4de4c8ba1bd619812c40a1162e
ff9bfa25103d351dba69c29b5b56390c4a7e52ad
f6c9c5943fe0fb150ecd091234d49cc8ec55d212d62da617c9296bf008c96016
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 06:39:58 GMT
Last-Modified: Sat, 28 Jan 2023 05:42:10 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rJtRn3r4TYEXN9sZfDHS6xt4UcCdJYGnZIv_JvvjuvBXUUQsYqFYdA==
Age: 3468
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 06:39:58 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e6d15c4de4c8ba1bd619812c40a1162e
ff9bfa25103d351dba69c29b5b56390c4a7e52ad
f6c9c5943fe0fb150ecd091234d49cc8ec55d212d62da617c9296bf008c96016
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170589
Date: Sat, 28 Jan 2023 06:39:58 GMT
Etag: "63d4abfb-1d7"
Expires: Mon, 30 Jan 2023 06:03:07 GMT
Last-Modified: Sat, 28 Jan 2023 05:00:43 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0FMwwl9_yTnfK3-UCmeDhVxZ1GcwdRwbLUxI1Gk4w1_d2jADCNOBuA==
Age: 3744
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=bbf32773-a471-4018-9f93-0f2fbc4aafd6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 06:39:58 GMT
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.20.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.20.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+28+2023+06%3A39%3A57+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.485038475.1674887998; _ga_0WVZ21C8XH=GS1.1.1674887998.1.0.1674887998.60.0.0; _ga=GA1.1.1911035657.1674887998; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1674887998%2C%22https%3A%2F%2Fcurvyalpaca.cc%2F%22%5D; _pk_id.1.dd63=c82e53d02ff27aa6.1674887998.; _pk_ses.1.dd63=1; _scid=19bd98a0-7f7b-4466-a8e7-2773e1a8e98e; _sp_srt_ses.1633=*; _sp_srt_id.1633=3dd1a1d5-4acf-4637-9dfa-bffcaf74772e.1674887999.1.1674887999.1674887999.35f51f95-f2ca-4b73-89a5-22bb715882a1; _gid=GA1.2.1492939855.1674887999; adformfrpid=7157294711756392359; _hjSessionUser_661774=eyJpZCI6IjZiMGQ3ZDAzLWYxY2MtNTcyYy1iYzdlLTg3MzUxZWQ5ODdlNSIsImNyZWF0ZWQiOjE2NzQ4ODc5OTkzNzIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_661774=eyJpZCI6ImU4NGIwNjViLTFmZmUtNGIyOS05MDFmLTMxYjJkYzE4MTFlNiIsImNyZWF0ZWQiOjE2NzQ4ODc5OTkzOTMsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; __qca=P0-1152907867-1674887999196; _fbp=fb.1.1674887999463.800535688
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 26 Jan 2023 12:38:29 GMT
If-None-Match: W/"63d27445-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 28 Jan 2023 06:39:58 GMT
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: "63d27445-56"
cf-cache-status: HIT
age: 4033
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbe7f9d0b51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.20.91:0
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Oct 2022 08:50:04 GMT
etag: W/"633e96bc-789"
expires: Tue, 06 Dec 2022 01:38:03 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4776809
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd42cc1b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/runtime.ab229b8c.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.ab229b8c.js
IP 104.18.20.91:0
GET /assets/js/runtime.ab229b8c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-8fc"
cf-cache-status: HIT
age: 1941
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd42cc4b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/translations/selection
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/no/translations/selection
IP 104.18.20.91:0
POST /no/translations/selection HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 3581
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd68e54b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.a59bec0c.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/scripts.a59bec0c.js
IP 104.18.20.91:0
GET /assets/js/scripts.a59bec0c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-654b4"
cf-cache-status: HIT
age: 6694
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd42cc6b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1674887995
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/css/base.css?1674887995
IP 104.18.20.91:0
GET /assets/css/base.css?1674887995 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 12:38:44 GMT
etag: W/"63d27454-5026a"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd2abd4b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7907bbd89af7b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Wed, 25 Jan 2023 15:15:50 GMT
x-ms-request-id: 8678c3cd-f01e-0180-400c-313d19000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 30681
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd9fd2f0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.172.188:0
GET /resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: text/html
content-md5: qRcQewUQpBCpHWX0csvwPQ==
last-modified: Thu, 10 Sep 2020 09:09:07 GMT
x-ms-request-id: ff32aea2-d01e-005f-750f-2aa63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 45
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907bbdcfecbb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.20.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
etag: W/"639b02c9-1c73"
expires: Sat, 18 Feb 2023 04:38:06 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 791394
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd67e4bb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 858
expires: Tue, 31 Jan 2023 06:39:56 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7907bbd90cf2b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 14480
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7907bbd99da00b39-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
IP 35.190.43.134:0
GET /config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
access-control-allow-origin: https://rizk.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
curvyalpaca.cc/click?a=Csxn&e=gAAAAABj1MM4RRwX51aX7ZwudTLlTwpXSqHdKMRrMfLfvORSjTanHJndQp55YxJ2ImHxluyNcK6WpqJSiNT5ZzOkZUlIig7cNO2-zDHG8tShOBY5bewiCBvoTKmHMALrRkzJ-nb3Ya4WTZ1WX78mcRyGcjBAPr4bfc2_sXFOG5y_90_H-Jc9H5POnnprLQGonOw39nCGruuNDkRhIGLkJl_b2gbYCoUTdidwQ8KszF_DZP0ax5ReNG-p1v-Tfvs2jcsCN3lu7fMa_PWVvs4h-JSVGigkcE2QBzXn5ZFFxECo9kUGC_WpFtkokbef9zgXYNn_DGS0v-5bxD6B_UVU0dmmkLq_9vLZ0bq-jRUbPnWozAxPD1IW5lBJqyL8mdBW3TGkrfWo6xqb
157.90.88.166200 OK 0 B URL HTTP/2 curvyalpaca.cc/click?a=Csxn&e=gAAAAABj1MM4RRwX51aX7ZwudTLlTwpXSqHdKMRrMfLfvORSjTanHJndQp55YxJ2ImHxluyNcK6WpqJSiNT5ZzOkZUlIig7cNO2-zDHG8tShOBY5bewiCBvoTKmHMALrRkzJ-nb3Ya4WTZ1WX78mcRyGcjBAPr4bfc2_sXFOG5y_90_H-Jc9H5POnnprLQGonOw39nCGruuNDkRhIGLkJl_b2gbYCoUTdidwQ8KszF_DZP0ax5ReNG-p1v-Tfvs2jcsCN3lu7fMa_PWVvs4h-JSVGigkcE2QBzXn5ZFFxECo9kUGC_WpFtkokbef9zgXYNn_DGS0v-5bxD6B_UVU0dmmkLq_9vLZ0bq-jRUbPnWozAxPD1IW5lBJqyL8mdBW3TGkrfWo6xqb
IP 157.90.88.166:0
ASN #24940 Hetzner Online GmbH
GET /click?a=Csxn&e=gAAAAABj1MM4RRwX51aX7ZwudTLlTwpXSqHdKMRrMfLfvORSjTanHJndQp55YxJ2ImHxluyNcK6WpqJSiNT5ZzOkZUlIig7cNO2-zDHG8tShOBY5bewiCBvoTKmHMALrRkzJ-nb3Ya4WTZ1WX78mcRyGcjBAPr4bfc2_sXFOG5y_90_H-Jc9H5POnnprLQGonOw39nCGruuNDkRhIGLkJl_b2gbYCoUTdidwQ8KszF_DZP0ax5ReNG-p1v-Tfvs2jcsCN3lu7fMa_PWVvs4h-JSVGigkcE2QBzXn5ZFFxECo9kUGC_WpFtkokbef9zgXYNn_DGS0v-5bxD6B_UVU0dmmkLq_9vLZ0bq-jRUbPnWozAxPD1IW5lBJqyL8mdBW3TGkrfWo6xqb HTTP/1.1
Host: curvyalpaca.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.19.1
date: Sat, 28 Jan 2023 06:39:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.20.91:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd42cc3b51b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 30 Jan 2023 06:39:55 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/MGA.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/MGA.svg
IP 104.18.20.91:0
GET /assets/img/footer/MGA.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674887995
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
etag: W/"63b6a805-49ef"
expires: Mon, 13 Mar 2023 05:08:21 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 784273
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd67e4db51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.172.188:0
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907bbdcbeaeb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/user/setOBtag
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/no/user/setOBtag
IP 104.18.20.91:0
POST /no/user/setOBtag HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+28+2023+06%3A39%3A57+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.485038475.1674887998
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: application/json
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbdc8a6eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
37.157.4.29200 OK 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
IP 37.157.4.29:0
GET /serving/cookie/match?CC=1&party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:39:57 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
104.18.20.91301 Moved Permanently 0 B URL HTTP/2 rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
IP 104.18.20.91:0
GET /no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: text/html; charset=UTF-8
location: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; path=/; secure; HttpOnly
btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; expires=Sat, 11-Feb-2023 06:39:55 GMT; Max-Age=1209600; path=/; secure
Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; expires=Mon, 27-Feb-2023 06:39:55 GMT; Max-Age=2592000; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd07a3db51b-OSL
X-Firefox-Spdy: h2
rizk.com/assets/js/base.66506201.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.66506201.js
IP 104.18.20.91:0
GET /assets/js/base.66506201.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=sb8kl8avrqhi9m6i77u2dg695k; btag=a_10689784b_c_kVWv6XQf8wW7wKYKxDlGEGNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=https%3A%2F%2Fcurvyalpaca.cc%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:55 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-7ba24"
cf-cache-status: HIT
age: 6695
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7907bbd42cc5b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
3.248.94.213200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
IP 3.248.94.213:0
POST /api/v2/client/sites/661774/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:39:58 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2