r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Mon, 14 Nov 2022 00:30:53 GMT
Date: Sun, 13 Nov 2022 23:52:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5962
Cache-Control: max-age=130664
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:52:59 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 12:10:43 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14230
Expires: Mon, 14 Nov 2022 03:50:09 GMT
Date: Sun, 13 Nov 2022 23:52:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 13 Nov 2022 23:44:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 511
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LO+68us8/AGQK3ITRdNDerxcmp79++MoNpCdYsjl48g3MI6znRErREyKpGJzjXZKYCDg3cjsgz8=
x-amz-request-id: 9G39P4D6N8M8NA0P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 13 Nov 2022 23:50:52 GMT
age: 127
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 23:52:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 13 Nov 2022 23:44:48 GMT
cache-control: public,max-age=3600
age: 491
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1422
Cache-Control: max-age=121054
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:00 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 09:30:34 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
techflourish.com/categories/apple-pie-clipart-pics.html
64.32.8.67302 Found 11 B URL HTTP/1.1 techflourish.com/categories/apple-pie-clipart-pics.html
IP 64.32.8.67:0
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert quad9 Sinkholed
GET /categories/apple-pie-clipart-pics.html HTTP/1.1
Host: techflourish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 13 Nov 2022 23:52:59 GMT
location: http://click-v4.expmdiadi.com/click?i=e7NQx3O0P-E_0
server: nginx
set-cookie: sid=4d8bcc18-63ae-11ed-aa6d-ac10694a4da6; path=/; domain=.techflourish.com; expires=Sat, 02 Dec 2090 03:07:07 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z7fBrH35GcP1doW6yz+LnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KZTH3+dJJq0EBtHCaNChKUAVtcU=
click-v4.expmdiadi.com/click?i=e7NQx3O0P-E_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=e7NQx3O0P-E_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=e7NQx3O0P-E_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://feed.us.adrunnr.com/11/?id=4d97d9d4-63ae-11ed-85eb-dba080deddf7
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12302
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Sun, 13 Nov 2022 23:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12302
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Sun, 13 Nov 2022 23:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12302
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Sun, 13 Nov 2022 23:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12302
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Sun, 13 Nov 2022 23:53:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93dfd620-9002-46a5-b0e7-f76908157342.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93dfd620-9002-46a5-b0e7-f76908157342.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91867304df5ea75d02ae48a94d24b62e
4e1159bd964a4c06ec237c81bb93eb1623aad66e
f946d60d53b9d6c8e11a9d15a8127c7a65cb2fad7b604ab8b007fa0137a9d370
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93dfd620-9002-46a5-b0e7-f76908157342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6716
x-amzn-requestid: f0c6fef3-c522-4641-afba-96bb3ba25cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybzHzXoAMFv5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-75160f836fb48bda59c470a8;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CuPYHc2of7TQ-WsM96Jjoz0CCQ6Z-pLlM8dqc3xK-gYZyPs1-mcRag==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:53:45 GMT
age: 7156
etag: "4e1159bd964a4c06ec237c81bb93eb1623aad66e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd7b84df82a13b2ea007322eab69b77
e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d
c38b65bba8ec8817930831c76c09b4dd620c8f5394d87c3b60e1753a0ee0ef60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: 4c6840b8-17b3-425e-9b9f-3a44f6a1f53f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybyH8hoAMFWCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-18076898244705c50282e0c1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5hFnfiQW9lh7eMkBGqkHJAkMcokct21U6V7927YNiQTVLdU6Xph1lQ==
via: 1.1 f6fac6150e74e246a088cfa5c1ab6452.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:33:59 GMT
age: 4742
etag: "e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4ac79607215beb845b6e7bf1e92506b
d4ac19f0373649804e9747b30552897a453db42d
ec4691a0573471e50dce4bd5db454dcd0498939aa6d1d9d39a1221ad01578a45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7632
x-amzn-requestid: 2b3de800-a50f-4872-8a7c-54ec33923739
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjzJYFCdIAMFmLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371656f-1ee2b3f21d22619e3381e1a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:45:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Dr0oeNxvib4qjo6CAg6YPyXkypbU5eF6GLLK1mN3jJer6G22pE8jLQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 6707
etag: "d4ac19f0373649804e9747b30552897a453db42d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 558f53737293f89e6ac57744a92fa0af
f943dc15ce5f4b1810d81cb35d03e8961b990abb
33a031ace07e6918493684847ba4b4596ce8cfcd3740d62cc8cc85021f3788e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7362
x-amzn-requestid: eee8797a-33b0-43a5-9ea6-d5678b166289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ3beEiPoAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6c49-48ad19f870be15bd639da9f6;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:25:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NEcQPx96kXLJqkXtFVFDQSNk7fwKILrF74unksphlcSHRbfbdNyLiQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:56:20 GMT
age: 3401
etag: "f943dc15ce5f4b1810d81cb35d03e8961b990abb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 03:43:34 GMT
age: 72567
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ubqvgLaJlGIxyJC1KBJP4ncx_2ltXS0C5dLGddjtbkt6pJmX84_VAg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 7140
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash af222a1ae993b9a54250fa3f41c0aa62
324662596fd3a44ab44a3eaf7aca47c29ad6cc99
8461a17b95a824f7366284ef054c4c148a7fea7c2da1d92af05b15b8a0ba1647
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133323
Date: Sun, 13 Nov 2022 23:53:01 GMT
Etag: "6370e928-1d7"
Expires: Tue, 15 Nov 2022 12:55:04 GMT
Last-Modified: Sun, 13 Nov 2022 12:55:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: EsZi4dQd0jgylmvW7BZ05Y9oSvV51XvqthxEsLe-KE7l7CU0qrjEVg==
feed.us.adrunnr.com/11/?id=4d97d9d4-63ae-11ed-85eb-dba080deddf7
44.198.231.1307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/11/?id=4d97d9d4-63ae-11ed-85eb-dba080deddf7
IP 44.198.231.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11/?id=4d97d9d4-63ae-11ed-85eb-dba080deddf7 HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Sun, 13 Nov 2022 23:53:01 GMT
content-length: 0
location: https://trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=a2c9f98a&cost=0.0025&browser=Firefox&carrier=&cid=4d97b2dc-63ae-11ed-ab17-9b815481a677
set-cookie: __sess=4eae7a08-63ae-11ed-85eb-71d2df976072; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=a2c9f98a&cost=0.0025&browser=Firefox&carrier=&cid=4d97b2dc-63ae-11ed-ab17-9b815481a677
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=a2c9f98a&cost=0.0025&browser=Firefox&carrier=&cid=4d97b2dc-63ae-11ed-ab17-9b815481a677
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=a2c9f98a&cost=0.0025&browser=Firefox&carrier=&cid=4d97b2dc-63ae-11ed-ab17-9b815481a677 HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 13 Nov 2022 23:53:01 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wnnqoped4k98svekipbm1p5m
pragma: no-cache
set-cookie: 82464d51-0c69-45bf-8f1f-a7e73c8a358d-v4=ybB7mnRUsrT3RG0qdCRm3lLpkhHueDMA6hjjZm9Yo1c; Max-Age=86400; Expires=Mon, 14-Nov-2022 23:53:01 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=D%2Bo8aARssv%2Br9pUXBPnwOXRNMmZN0gvYFuW5gpv3yD0ZcQVbNkCi2xTs0ovYpWDd8ZHiPxQJbjzd9gy37%2Bp9dkM1fhJNOCTNEjDpZgdn3Cj7ytzND0EqoYvHjYFhxKNMIMcR6UAQFQXmuokcdwKi4Q%3D%3D; Max-Age=31536000; Expires=Mon, 13-Nov-2023 23:53:01 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 994fc4571f5364c5a3588695423d9402
6171593d527ab16542da6c54048eb2616f23a89e
bf543854155130293c6b444756a47a1ca794dfb7d25dfdf0e1cb57d34a936f65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: max-age=103372
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:01 GMT
Etag: "63705b0f-118"
Expires: Tue, 15 Nov 2022 04:35:53 GMT
Last-Modified: Sun, 13 Nov 2022 02:48:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6342d6c53ace9804c97851185fe58adc
d0f73474a6cf5335a92f4faf8149eb3d4085fea0
cd33b2bb49cb60881b20fce7025791bb7a7f6e762cdcf098cf05bb1f5e4ede6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123252
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:01 GMT
Etag: "6370c1d1-116"
Expires: Tue, 15 Nov 2022 10:07:13 GMT
Last-Modified: Sun, 13 Nov 2022 10:07:13 GMT
Server: nginx
Content-Length: 278
insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
104.18.21.91200 OK 130 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 130425
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138146, status=webp_bigger
etag: "5ce50804-21ba2"
expires: Sat, 31 Dec 2022 17:47:38 GMT
last-modified: Wed, 22 May 2019 08:27:48 GMT
cf-cache-status: HIT
age: 1058724
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae4f81b500-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4e7f4711aba0859d6a9ead3f434c35c5
459b91573074387ebdfdcda9e7e0d9f5f5aa78dd
fd8fe2ecc14d30057a77f66e98e6a6ed4da7341fbe35da9e34dcfb20bef64350
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1528
Cache-Control: max-age=142048
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:02 GMT
Etag: "63710546-117"
Expires: Tue, 15 Nov 2022 15:20:30 GMT
Last-Modified: Sun, 13 Nov 2022 14:55:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.21.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Sat, 31 Dec 2022 17:46:42 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 1058780
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae6f9fb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
104.18.21.91200 OK 1.1 kB URL HTTP/2 insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e97b23e842d4df6dfdd7fb049a87a26f
083cda549ea555b23a7b7aee461c0bc6a13070c0
d96df1d19452dbc92d39e276455f2f226b70daa7ca9ab52796be1247d677a689
GET /gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 1100
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5909
content-disposition: inline; filename="Rizk_avatar.webp"
etag: "5a37c146-1715"
expires: Tue, 27 Dec 2022 19:43:08 GMT
last-modified: Mon, 18 Dec 2017 13:23:18 GMT
vary: Accept
cf-cache-status: HIT
age: 976103
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae6f9eb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
104.18.21.91200 OK 211 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1031x580, components 3\012- data
Size 211 kB (210675 bytes)
Hash 0275594aa0da61a963b34c14cba7cda2
90ba5e1fc41183812108f7cdee35057e7d8d73ff
9a3c6eaedf96f97bf55bec6950624f26e9e07d49158f24f3e221a400f60ac8db
GET /no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 210675
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=219775, status=webp_bigger
etag: "5ee086d3-35a7f"
expires: Wed, 16 Nov 2022 17:24:45 GMT
last-modified: Wed, 10 Jun 2020 07:08:03 GMT
cf-cache-status: HIT
age: 4808011
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae6fa0b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
104.18.21.91200 OK 94 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b99510dc64dceb3317011b5a1dd14066
da97fa0b25758d0d5f35d762bb6e74665e4f4d50
0625ba3c4b37dbd008551eb7e6652a350735305fcf02f24ac2b57ec717f7a403
GET /no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 93626
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=122140
content-disposition: inline; filename="10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.webp"
etag: "5b962484-1dd1c"
expires: Sun, 08 Jan 2023 18:38:05 GMT
last-modified: Mon, 10 Sep 2018 08:00:04 GMT
vary: Accept
cf-cache-status: HIT
age: 271337
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae6fa2b500-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 1cdc786dd1264609f9834f4aba53e2ef
fff15e833ab27c356e7723dce3441e194b6350bf
70768bac474def6b0ed3e517083dd9c2f1ae3f0fe714ea550c406ce89906adc9
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: HNx4bdEmRgn5g09KulPi7w==
last-modified: Thu, 10 Nov 2022 22:15:45 GMT
etag: 0x8DAC3691D5A9489
x-ms-request-id: 69d9ff0c-501e-00cd-6162-f5bdae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 79428
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cae6f76b4ed-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.21.91200 OK 237 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1498)
Size 237 kB (237365 bytes)
Hash 1214a88ea88bdaf516d5a0c8037fd884
ddfb9c98502f96fc40c182aa265237ca0de2dd21
2fad1284d6d1fdc5f6c83363229d4e6a700a41c41f433c31f9db075fa3e9277e
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Sep 2022 07:49:59 GMT
etag: W/"6322d927-5db"
expires: Fri, 18 Nov 2022 07:13:30 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 3461806
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae3f7bb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.21.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Wed, 16 Nov 2022 15:04:59 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 4808010
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae7fa8b500-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.21.91200 OK 280 kB URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1914)
Size 280 kB (280448 bytes)
Hash 90ab850dad0cc5c2897b77bdefe489cb
0fc7be14e9bd4bc28286215a00b8a5f673e44f73
07814a12e0b1ffeabbe37b8eaebc18def808ce56440b137d127c883a5b412beb
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Sep 2022 07:49:59 GMT
etag: W/"6322d927-cdb"
expires: Fri, 18 Nov 2022 07:13:48 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 3459528
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae3f7cb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.186200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
104.18.21.91200 OK 242 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 242 kB (241870 bytes)
Hash 4fb86378cf3ab83690aff25e4bcd84d8
09118e6252fe712f6841888008e11f9533544cf2
b7650624b1e7314d79f112351a8180776b6b2375443901135f01e92f9a60383b
GET /no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 241870
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=412787
content-disposition: inline; filename="rizk_zero2hero.webp"
etag: "57ad98e4-64c73"
expires: Sat, 31 Dec 2022 16:59:53 GMT
last-modified: Fri, 12 Aug 2016 09:37:40 GMT
vary: Accept
cf-cache-status: HIT
age: 973537
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae7fabb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.21.91200 OK 174 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 174 kB (174360 bytes)
Hash 723b5a7e7cec506c95f571606f1b6de2
3444eeb2f4b3fea6d959b6a3eea42ee8e783862f
ecbfd5956d791f388ac85fe3411f9cb3ef982bbb3d4b1ad305928b194fc55ece
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 977995
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae7fb6b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.21.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Fri, 18 Nov 2022 02:11:21 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 4808010
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae8fbbb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.21.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 972813
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae8fbfb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
104.18.21.91200 OK 76 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e84e09b2755a7cb78cb96550af24897d
b684e3e4c1fce86f6e4a7f72780343d165cb4760
6ae096074523a6cb45488636c636733c10e35c0e0a27eca9b9d76155068e840b
GET /no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 76412
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=164109
content-disposition: inline; filename="rizk-casino-mobile.webp"
etag: "568c79fd-2810d"
expires: Thu, 15 Dec 2022 21:03:18 GMT
last-modified: Wed, 06 Jan 2016 02:20:45 GMT
vary: Accept
cf-cache-status: HIT
age: 2183493
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae8fc1b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.21.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Sat, 31 Dec 2022 16:59:54 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 976817
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae8fbcb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104.18.21.91200 OK 104 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 104549
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110109, status=webp_bigger
etag: "62b46fa1-1ae1d"
expires: Thu, 15 Dec 2022 21:03:18 GMT
last-modified: Thu, 23 Jun 2022 13:50:25 GMT
cf-cache-status: HIT
age: 2022601
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae9fd9b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/11/RZ-10.11-Football-Dice-Early-Adopter-Promo-NO-1030x580.jpg
104.18.21.91200 OK 147 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/11/RZ-10.11-Football-Dice-Early-Adopter-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 147 kB (147434 bytes)
Hash e306b3618cdcd231c6a4fc767041c63d
03b98e505e501427c3151dfa4110ab66b7b0f3d8
ce224c61eef203dbdfb43942d6eb3eaaad949251800910569d116cca99ceae24
GET /no/wp-content/uploads/sites/5/2022/11/RZ-10.11-Football-Dice-Early-Adopter-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 147434
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=154276, status=webp_bigger
etag: "636a33bf-25aa4"
expires: Sun, 08 Jan 2023 16:19:58 GMT
last-modified: Tue, 08 Nov 2022 10:47:27 GMT
cf-cache-status: HIT
age: 372783
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae9fdeb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.21.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Thu, 22 Dec 2022 18:59:14 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 635407
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae9fdfb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
104.18.21.91200 OK 123 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 123 kB (123132 bytes)
Hash 341d6a23c5e812aeaf495248004ab7fc
4168e2e4296aa381667ff9c7dd811a63cb67cb6a
b381902f5d9b1b4fe648915947a9ac9432b06457926a35d27a1a1d733483621b
GET /no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 123132
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128662, status=webp_bigger
etag: "63120677-1f696"
expires: Tue, 20 Dec 2022 11:21:15 GMT
last-modified: Fri, 02 Sep 2022 13:34:47 GMT
cf-cache-status: HIT
age: 1073071
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae9fe0b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
104.18.21.91200 OK 88 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Hash 7ad5073d85b44689d4dcee7727ea1068
220eb3a3343a292350c9bbb38b400a935e789e01
c225333d3bc84993b30bc4904d292d68480055851b826222ae69cbbf14fb6dec
GET /no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 88280
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90386, status=webp_bigger
etag: "61db0b02-16112"
expires: Mon, 09 Jan 2023 16:49:49 GMT
last-modified: Sun, 09 Jan 2022 16:19:14 GMT
cf-cache-status: HIT
age: 206238
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae9fe2b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
104.18.21.91200 OK 150 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 150 kB (149799 bytes)
Hash 9ebb7e0f0f489d3d8a3745f8febb5b15
ea1c8f36a0edf023eb6d39817b7df092f9f54763
dd1b3a8795857591e492cd5510da49c929e3e0e3ae5168b391a00628867f7cff
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 149799
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=155887, status=webp_bigger
etag: "620227ed-260ef"
expires: Sun, 13 Nov 2022 13:50:45 GMT
last-modified: Tue, 08 Feb 2022 08:21:01 GMT
cf-cache-status: HIT
age: 4808111
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caeafeab500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
104.18.21.91200 OK 194 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 194 kB (194157 bytes)
Hash 1cca37417fe863df82c0319381e01e1f
f8b0a8aab239568c0db450be1d6d7b445529e436
694d7c5a7ba696111b5c0db984c9f9121b97c2a1a4f37520bcd6a597252dacd7
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 194157
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203250, status=webp_bigger
etag: "6202912a-319f2"
expires: Sat, 31 Dec 2022 17:46:42 GMT
last-modified: Tue, 08 Feb 2022 15:50:02 GMT
cf-cache-status: HIT
age: 1058780
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caed812b500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.21.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Sun, 13 Nov 2022 13:50:45 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 4808111
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caef82eb500-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.21.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Tue, 29 Nov 2022 14:40:58 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 3451443
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caef830b500-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 53dcce250edca86396f58db5664db861
605c86cb71ee8d5e48e06e08c72d1198af9a4694
b3bbc435eab0c1a22c5738252c7d7cd66cd7d7d64b86c02f6b5feec6d5cea7cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: max-age=166754
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:02 GMT
Etag: "6371529f-118"
Expires: Tue, 15 Nov 2022 22:12:16 GMT
Last-Modified: Sun, 13 Nov 2022 20:25:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 269185
expires: Fri, 03 Nov 2023 23:53:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPmYrsDszTsmhsW3tRMHeOVQhfS6T66I19hRbs9%2F89AGAKn0r%2BbFNKzuzqiySNwf6EIX%2BfhqXdg72dVRnYi%2FnNFBNjQw9ra1Vpg2EAq%2BsP%2BOwsS%2BEbdfN50cWjE1p2RmQOB9Jlzj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 769b6caf7d2cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
104.16.148.64200 OK 3.2 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11675), with no line terminators
Hash 3b79a686818167922dfc6b001661b55a
94ea66c1b67195bb514427755595d985ad7319e8
985adf2ba0d8757e25ee00eb414c5809e7a3b8e1a802524f0ec182f245712c8c
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/x-javascript
content-length: 3159
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: O3mmhoGBZ5It/GsAFmG1Wg==
last-modified: Thu, 11 Aug 2022 10:39:48 GMT
etag: 0x8DA7B85D034938C
x-ms-request-id: 0a85c945-401e-0138-387c-addfea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 78621
expires: Mon, 14 Nov 2022 23:53:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6caf7b3ab50c-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fbe333d8160e45aad442fd419704337a
e1c41eabcce51f593a2a7c13c25f05e2ab144c1b
5e920d628d7461383462c4509ab734d1c2fbd0e604b7d58f876659bc3b46e2c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6306
Cache-Control: max-age=136405
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:02 GMT
Etag: "6370dc91-117"
Expires: Tue, 15 Nov 2022 13:46:27 GMT
Last-Modified: Sun, 13 Nov 2022 12:01:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
104.16.148.64200 OK 90 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65455)
Hash 669fc272b6662bb850d92e9cfedf53a7
e573ee887b0ca01445457cc338f510c559a092f4
e77f0bfe908a1ee2181992bad85721333d192528c2a00aac42077549f7d377ba
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: a98cb099-e01e-0171-4a83-b9ec8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 79427
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cb038c4b4ed-OSL
X-Firefox-Spdy: h2
unpkg.com/yett@0.2.3/dist/yett.min.modern.js
104.16.126.175200 OK 19 kB URL HTTP/2 unpkg.com/yett@0.2.3/dist/yett.min.modern.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (4157)
Hash 9ffde52bbf787e499d26bbf28b38c950
e137b9481079869f2b0a7fdfd0eb11849c3f4db4
80aca6c497c6e7c203f190e6dcc91ae2c7e1667fb69cfdd87bdffe72e260abbd
GET /yett@0.2.3/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106a-F1kN/vqWtSduU82KJoxqMaLlX70"
via: 1.1 fly.io
fly-request-id: 01G53T04M04VGHTCMPW9JKYWMZ-fra
cf-cache-status: HIT
age: 13619497
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6caefcec0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78621
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cb0dc09b50c-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
104.16.148.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (51738)
Hash 3e961eb7fdc3f94310047addd52478f7
e653b0a0929096e9aaf34772f5839c6fc3f4da49
221064afa3bffb58aff4d7a036a9f5196c60ff0077e23453ca2aa7a1019be47a
GET /scripttemplates/6.39.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/json
content-length: 13981
content-encoding: gzip
content-md5: PpYet/3D+UMQBHrd1SR49w==
last-modified: Fri, 26 Aug 2022 16:30:58 GMT
etag: 0x8DA87805B3CBC97
x-ms-request-id: 8ef1e9a6-d01e-0150-2d8a-b981bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78856
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cb0dc0bb50c-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash 77ee853d54976f653eae7f9bf3756b81
14479919cb6c4795e9681b0116d9b45878e59a27
a3824d6f1e6f3aaa29342418aa60106500897804becaa0305d29e6328c4fe999
GET /af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "4d3b0c26b9e19a72e0c7ed499882c33f6eb1f980"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 703
x-akamai-ssl-client-sid: sOQQtBZBGW4grpdJZkhuDA==
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
rizk.com/assets/images/04532da6-menu-icons-s.png
104.18.21.91200 OK 6.1 kB URL HTTP/2 rizk.com/assets/images/04532da6-menu-icons-s.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42207df0d63f162c0e4628718aa606e1
f692963891ed031073bdcb796b9a7d8e67e454ea
d3ecbd89b841f3c0873ea22ffb3fc87b270ac5176cb2abc734874cf6441adba4
GET /assets/images/04532da6-menu-icons-s.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 6130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11277
content-disposition: inline; filename="04532da6-menu-icons-s.webp"
etag: "633e9749-2c0d"
expires: Wed, 07 Dec 2022 06:21:40 GMT
last-modified: Thu, 06 Oct 2022 08:52:25 GMT
vary: Accept
cf-cache-status: HIT
age: 2772952
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb17a12b500-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23908, version 1.0\012- data
Hash 081509e2766b8e53d3e9629517a5094c
81b9e67814e563e491f3b7ca83129910191d7429
e5212f6b941b7ec75f72829b00476a94f76ad97bd3cbd41000fafff883d93922
GET /af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23908
etag: "f071080bfe4e46008015da21150516f906ef2d5b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1492
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.148.64200 OK 124 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.148.64:0
Size 124 kB (124298 bytes)
Hash d4a1684b609159eb459314906a0715f7
24dc2f3ba728a58e1bfc6db049e44b85a06dc0e4
3b4467436bb350a3f622c0cf5c4e6fc2caddbe5e0980c7d00d2d34377ef1722e
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78621
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cb0dc0db50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 485
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-check-cacheable: YES
x-serial: 1126
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 908
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27036, version 1.0\012- data
Hash 4b420ce7adfa2d14176827c218589866
c1207ab86cedc1b975be5c32b9d4f795facf1c86
02e354581457b68fd0f38d82f91fc66da60f461348815a478ee777b8e59317f6
GET /af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27036
etag: "aeb323a44d7429e94b480beeda936a742b20393f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1759
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.21.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash aff234d24ae8f30ef0b8b988ba092a5b
cb77f448abd456dd241c054883a8b1fd893c48e2
48b76650a2251a714e0241dc423f371033cda0fe789881cb9f690915a9be9919
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "633e96bc-4191"
expires: Tue, 06 Dec 2022 06:32:08 GMT
last-modified: Thu, 06 Oct 2022 08:50:04 GMT
vary: Accept
cf-cache-status: HIT
age: 2775426
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb19a33b500-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 140860, version 1.0\012- data
Size 141 kB (140860 bytes)
Hash 6bfaf65a2c550ba5bfe4af17a108b036
f580547cca47791a9bc16d97d3b1a6d9ba7ff1ee
d872a3dcfd2d278eee0ed07ce8ceecff0c5ee30cef33aa92a1224bda28888dec
GET /af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 140860
etag: "bf19a0104a0de96dfd0edb2276eadec4d02bf248"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1207
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 141220, version 1.0\012- data
Size 141 kB (141220 bytes)
Hash 9f122ab64b701b87597137ad1fa662b4
c4fee49ffd9edf8123742b60f0aa0a905f2e96b9
e1506e1413472be6886a35777303ede29d4a113f2dbc71af9806395e47de87e7
GET /af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 141220
etag: "9c467641a743d4e8fda4fd28f2eebdc227275260"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 656
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 121 kB URL HTTP/2 use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 121276, version 1.0\012- data
Size 121 kB (121276 bytes)
Hash 93a15a2450f801f4a3fe29b883366d36
3b1b4a1e3b64de56da974d3b2d40c1072d33d746
980203ee1e65591546aa6e163eea6f6e0bffdf15a4a8c442ac5ea6b4bbdd1be5
GET /af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 121276
etag: "db81c212189c4bd156df357725724066ea88d6f4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1910
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1668383582
104.18.21.91200 OK 99 kB URL HTTP/2 rizk.com/assets/css/base.css?1668383582
IP 104.18.21.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4ecd73fe7f62c28f86787281a194ab47
817f47aacf927d11096b9b99fa447256bd113846
c724945e357dd69446d25bc48497a90b002cff79cd79f6dba3e589c7ab6dcc52
GET /assets/css/base.css?1668383582 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 14:29:29 GMT
etag: W/"636521c9-51643"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cae3f77b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 25 kB URL HTTP/2 use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24944, version 1.0\012- data
Hash 4db1a622a8ec326f0b65e39dd2147c3c
6f554080b360e101d1c4c0872559a5770620eb99
125ac250cf3b6bf24697c353ee5db63ffd8eecef03ddf43ed1ade4450ae5d11e
GET /af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24944
etag: "b1fff3be18990092dac37cd165ff020dcdec4dcd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 320
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wnnqoped4k98svekipbm1p5m
104.18.189.136301 Moved Permanently 16 kB URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wnnqoped4k98svekipbm1p5m
IP 104.18.189.136:0
Hash e558daf9a38e67b42bab5c02ce654739
375c4e45ec074ce38a48bc4f04a4eb96b754da57
5d632ba5dbbb1e8a670e463b9b493a632f9e08b66b9eb2371e6c9729f08e6aff
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wnnqoped4k98svekipbm1p5m HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 13 Nov 2022 23:53:01 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzNFYsMyRRLCNEUSwwYGAKYAo%3D; expires=Mon, 13-Nov-2023 23:53:01 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; expires=Mon, 13-Nov-2023 23:53:01 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; expires=Tue, 13-Dec-2022 23:53:01 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Tue, 13-Dec-2022 23:53:01 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b6ca90f11b50b-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1726
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/Hjelpelinjen.png
104.18.21.91200 OK 26 kB URL HTTP/2 rizk.com/assets/img/footer/Hjelpelinjen.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2600acad4fa18b407caa42d12eceef0f
809b9de6ef5c469787ca4a199f737ec0e8d73db5
b5e78ae78e39f47d3acae58ce941aa17ec4620957654948039793460256d03f2
GET /assets/img/footer/Hjelpelinjen.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 25908
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61976
content-disposition: inline; filename="Hjelpelinjen.webp"
etag: "63466bfb-f218"
expires: Sun, 11 Dec 2022 21:14:15 GMT
last-modified: Wed, 12 Oct 2022 07:25:47 GMT
vary: Accept
cf-cache-status: HIT
age: 2773317
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb19a36b500-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos-colors7.png
104.18.21.91200 OK 58 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos-colors7.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4c32f77e9a14e0a54b66e8d080453ec4
d03dc738e508cc3ec37e8392798cb8016b74b001
44dc7e07e130115f21531d48bec53e94b5d85b4e429156a849dafea08de050bf
GET /assets/img/footer/footer-logos-colors7.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/webp
content-length: 57746
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=71763
content-disposition: inline; filename="footer-logos-colors7.webp"
etag: "632c26bb-11853"
expires: Fri, 25 Nov 2022 09:51:44 GMT
last-modified: Thu, 22 Sep 2022 09:11:23 GMT
vary: Accept
cf-cache-status: HIT
age: 1539362
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb19a35b500-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1291
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1023
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26656, version 1.0\012- data
Hash 843379cf54b236ae4934db29570421f7
1ecfe53a9b021d8cfbdedd77b995a7f6f13f32b6
46f2ac0d9703243c85b6ad1b9f8ce05ce5a2a9d7adaf550fbfa061ecbf093e53
GET /af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26656
etag: "de5daa0372d6be1d2b0ba0e28b1c2c00515f2fce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1494
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.21.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 48a08c09c46d6f34a8d4ce96d04a4b9b
254d07cb7d21be300c307b894f76c7d45fe75003
e19259f9cf814a36580db7848e50524148a204b46a6bcc0fbf41898a791b99bf
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/webp
content-length: 30076
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "63466bfb-f64c"
expires: Sun, 11 Dec 2022 20:18:17 GMT
last-modified: Wed, 12 Oct 2022 07:25:47 GMT
vary: Accept
cf-cache-status: HIT
age: 2182887
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb1ba46b500-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 1777
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-serial: 485
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:02 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-check-cacheable: YES
x-serial: 1868
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==
x-akamai-pragma-client-ip: 23.36.76.182, 23.36.76.182
date: Sun, 13 Nov 2022 23:53:03 GMT
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.21.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.21.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 15 Sep 2022 07:52:24 GMT
etag: "6322d9b8-1c60"
expires: Fri, 18 Nov 2022 07:15:19 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 3461438
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb1fa82b500-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/favicon-16x16.png
104.18.21.91200 OK 352 B URL HTTP/2 rizk.com/assets/img/favicon/favicon-16x16.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a53aaffe9a3246411deb3361d57d32
1d5249c888910c27a6125c0d92dd60d2377738c0
9ca4b1fb97777d6c5b3fbe165f2734e3b38525d586828c526ad7bfa91bab2238
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/webp
content-length: 352
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=571
content-disposition: inline; filename="favicon-16x16.webp"
etag: "6365210c-23b"
expires: Mon, 09 Jan 2023 21:34:43 GMT
last-modified: Fri, 04 Nov 2022 14:26:20 GMT
vary: Accept
cf-cache-status: HIT
age: 267500
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb25bc4b500-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/android-icon-192x192.png
104.18.21.91200 OK 3.1 kB URL HTTP/2 rizk.com/assets/img/favicon/android-icon-192x192.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314c2b722ec91013441562d73c4d8fb3
f7dbb17a8708cb7801ae1e4d449389ec10e7dc81
baced404c8a57e0d0d4f17d00a2850352b98e90a343681b1fea15f263385c82a
GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/webp
content-length: 3082
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4135
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "635a4ced-1027"
expires: Sun, 01 Jan 2023 17:50:00 GMT
last-modified: Thu, 27 Oct 2022 09:18:37 GMT
vary: Accept
cf-cache-status: HIT
age: 272279
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb25bc1b500-OSL
X-Firefox-Spdy: h2
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
18.244.141.47200 OK 27 kB URL HTTP/1.1 d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
IP 18.244.141.47:0
File type ASCII text, with very long lines (32806)
Hash fa979f12aafaca9dfc3c01fdb35f2c8a
b2e14da49f38a08294f14376d61dc9b011727f6b
88f23962aff99d99d3d6603b7cc1e6bea1bc37b56c49f1db68f62b19a51f15f5
GET /integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js HTTP/1.1
Host: d2yyd1h5u9mauk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 13 Nov 2022 23:51:47 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=120, public
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Request-Id: b945d3b293e30e01035eaf047db188a7
X-Runtime: 0.044862
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 06b0ae3f7e31c86dd483b6af7dc0cc98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P7
X-Amz-Cf-Id: IUJSgEIOHJoUrIG7G5GH1MGIjXS2mkWf2U1PYBy2D-BgleK3keXgsg==
Age: 76
p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1668383581766
23.36.76.186200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1668383581766
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1668383581766 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Sun, 13 Nov 2022 23:53:03 GMT
X-Firefox-Spdy: h2
rizk.com/assets/js/mustache.b0cf7596.js
104.18.21.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/js/mustache.b0cf7596.js
IP 104.18.21.91:0
File type ASCII text, with very long lines (6358)
Hash d809bfe46c40814dd7e1899f0d7ed701
34def3fb2b7446f355d692db5efb433724412062
01f84204985d705dcca4ec3de90dec36eb1606bad4d057dfd2e411183603d82b
GET /assets/js/mustache.b0cf7596.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:29:29 GMT
etag: W/"636521c9-19b7"
cf-cache-status: HIT
age: 724
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb35c7ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1fba1f16f8ef316239c989f535f21664
d36549605365740b90ed3d2443b202d2b8b2002c
c5a6062e9751e369fd78a059ce617ebe1e91f215a40a6ce972a1f552ed800b54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4957
Cache-Control: max-age=120306
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "6370a2f4-117"
Expires: Tue, 15 Nov 2022 09:18:09 GMT
Last-Modified: Sun, 13 Nov 2022 07:55:32 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
142.250.74.168200 OK 103 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (38706)
Size 103 kB (102828 bytes)
Hash e01d7d375b3dee1d8e7bf95aeb4d86d4
b1c4e286448a9b6f7be87592f3b8818ca9bb8259
d722d0e101d49b26c7319d4999d2d15186c9752c7ea3d80b9f6eae54682faad9
GET /gtm.js?id=GTM-WVXWPTQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 13 Nov 2022 23:53:03 GMT
expires: Sun, 13 Nov 2022 23:53:03 GMT
cache-control: private, max-age=900
last-modified: Sun, 13 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 819961d31d0a2ca2fd3e24ff3bbfc0d3
633bfc91f5bf36261fbe5e844dd5a12176337646
873641f606de905080d439dc80c6d1e2c12a6fa6c67d4968a30f8e716585fc6c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "873641F606DE905080D439DC80C6D1E2C12A6FA6C67D4968A30F8E716585FC6C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19808
Expires: Mon, 14 Nov 2022 05:23:11 GMT
Date: Sun, 13 Nov 2022 23:53:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 56e091e92db77dece5a187b87c72a21e
08b9a874adcbea7b490b32b532e46c3a92be04b0
35992d5ff819680536bfe47bcae79a08536a8c98f032fd57e544f89197533c4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5906
Cache-Control: max-age=140655
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "6370eebc-117"
Expires: Tue, 15 Nov 2022 14:57:18 GMT
Last-Modified: Sun, 13 Nov 2022 13:18:52 GMT
Server: ECS (amb/6BB4)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b8bbd3d57266adbd9be915ec7ec097e
fc20477dcd8466ee9627c1742972c24984213aee
cb8037aa4cbf5cf8b34737e3cc94b5839c325eb761c69c493ff28b86f82f8c98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: max-age=161973
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "63714a0e-1d7"
Expires: Tue, 15 Nov 2022 20:52:36 GMT
Last-Modified: Sun, 13 Nov 2022 19:48:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash f258aaeb9fa153036eed918a029b476e
16a86ce25550a5493a60626b368bc67352e9494e
e1f3156e9563928e7d9057e211adca50e58beb5989e7273aefcf122522535ac6
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: bkBH6iDADoEEMDA=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37020
date: Sun, 13 Nov 2022 23:53:03 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 819961d31d0a2ca2fd3e24ff3bbfc0d3
633bfc91f5bf36261fbe5e844dd5a12176337646
873641f606de905080d439dc80c6d1e2c12a6fa6c67d4968a30f8e716585fc6c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "873641F606DE905080D439DC80C6D1E2C12A6FA6C67D4968A30F8E716585FC6C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19808
Expires: Mon, 14 Nov 2022 05:23:11 GMT
Date: Sun, 13 Nov 2022 23:53:03 GMT
Connection: keep-alive
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.3.30302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 13 Nov 2022 23:53:03 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Tue, 13 Dec 2022 14:31:20 GMT; domain=adform.net; path=/
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
99.84.0.246200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 99.84.0.246:0
File type ASCII text, with very long lines (27626), with no line terminators
Hash 035ae7d8997231fd2bf263fda3301a2e
5bb59971bb5b00c731b1b6d63ff62d3d15ed3e01
3d692a6509f8e07ecd55a04baeb315df58e4fd15fc92182889d3de5c25e58e60
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11952
server: CloudFront
date: Sun, 13 Nov 2022 23:53:03 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 14 Nov 2022 23:44:01 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 8539a9444fdb758c7be5c4643e65a12e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: SB0fUuwOBZAV8bAestd-c17F0x6COH22-zq1l3lOmfidnR0niPd94A==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f72adf4bb751ba2b295112014a6aa51f
fb497ba154c0846e6cd90800ff7761177ce07bc4
96174b055d7777303282877eb0aa0b48d478c1f839637219e35a37454dd47641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: max-age=109569
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "63707891-117"
Expires: Tue, 15 Nov 2022 06:19:12 GMT
Last-Modified: Sun, 13 Nov 2022 04:54:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash c997cb0e864497d619cc3edc6db4cbc3
2179a07c7b111eff141563d87acd9bc5381b83fc
964209a44391466e6944207657ef357b91928798d7000d553db170ce2d04cfb0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142819
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "6370f5d1-1d7"
Expires: Tue, 15 Nov 2022 15:33:22 GMT
Last-Modified: Sun, 13 Nov 2022 13:49:05 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 7JUZblVbJ3k4grOu-W1ZHtZ6rfzTtw2XMI-YM7_cZrgT5hOFc7H-Ow==
Age: 6257
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: EeWcXnw5b_WQBVyQkN3hrtHVebmMaThQpW2F37a44gAqhmPt6qbVZA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Sun, 13 Nov 2022 23:53:03 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
carma-scripts-cf.s3.amazonaws.com/roi.js
52.219.171.87200 OK 3.7 kB URL HTTP/1.1 carma-scripts-cf.s3.amazonaws.com/roi.js
IP 52.219.171.87:0
File type ASCII text, with CRLF line terminators
Hash 04cb6a245b3c82cab89108b117a879e4
7470d1ea561f19a331558ebc901eb3d214dfbea4
061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
GET /roi.js HTTP/1.1
Host: carma-scripts-cf.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: p8jzoLpOlEIXyKZR0hXWe52DOaNNU6Y1AuV6MfpoWtmAw5jETrIFFR0HUKLnxdu6grdNPA8v74M=
x-amz-request-id: QF5NC0RR21E3R2NP
Date: Sun, 13 Nov 2022 23:53:04 GMT
Last-Modified: Mon, 15 Feb 2021 12:30:52 GMT
ETag: "04cb6a245b3c82cab89108b117a879e4"
x-amz-meta-sha256: 061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
x-amz-meta-s3b-last-modified: 20210215T122739Z
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 3737
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3bafdffb4848e3e73938309d5c96e282
9d5b5c6c62a566a417ec5da22b474517f1e075f1
0af65d8e8caed5f1e19cc73f8df41430d6c24b25d2ebe51c0c96c939ea80ade1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1619
Cache-Control: max-age=112984
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "63709364-1d7"
Expires: Tue, 15 Nov 2022 07:16:07 GMT
Last-Modified: Sun, 13 Nov 2022 06:49:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rwLFuH76gyBuOOKfMU6fioIQYlVlN4USMSMuK47JehscNYA176w4qg==
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 13 Nov 2022 23:53:03 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3bafdffb4848e3e73938309d5c96e282
9d5b5c6c62a566a417ec5da22b474517f1e075f1
0af65d8e8caed5f1e19cc73f8df41430d6c24b25d2ebe51c0c96c939ea80ade1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3996
Cache-Control: max-age=115361
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "63709364-1d7"
Expires: Tue, 15 Nov 2022 07:55:44 GMT
Last-Modified: Sun, 13 Nov 2022 06:49:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 644 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
File type ASCII text, with very long lines (551)
Hash 3ed756bdeb835b0b5210bbf3c30f6d13
f830ffe2dbf2be692eda6eaee796e79deb541e93
9ea705dbaa6f3e44c137817394f3c9be8c67f8ab88cd88ba12de229ea5e4767d
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 188
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b6cb5cdb80b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 1.4 kB URL HTTP/2 cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash 47ba41e9696f2f80be4e6984788f78db
4fc74bfe25322c42c4e4f4307b7acd2422bb9729
e87497bb80a130fac7deb92551ecf903cdfc06d72556e0e0351cbfffa2841a01
GET /resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: text/html
content-md5: qRcQewUQpBCpHWX0csvwPQ==
last-modified: Thu, 10 Sep 2020 09:09:07 GMT
x-ms-request-id: ff32aea2-d01e-005f-750f-2aa63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 187
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b6cb63df90b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3bafdffb4848e3e73938309d5c96e282
9d5b5c6c62a566a417ec5da22b474517f1e075f1
0af65d8e8caed5f1e19cc73f8df41430d6c24b25d2ebe51c0c96c939ea80ade1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1619
Cache-Control: max-age=112984
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:03 GMT
Etag: "63709364-1d7"
Expires: Tue, 15 Nov 2022 07:16:07 GMT
Last-Modified: Sun, 13 Nov 2022 06:49:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 5ac5244fefcc60e82bd2b33d8cb41749
cd5cb2656f870b58649a99109d136dd3ad3ef31e
294a661b1af9b98de72a3da274ef67ae3b22e5775e8208cfc6a41c47c0aa6169
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "294A661B1AF9B98DE72A3DA274EF67AE3B22E5775E8208CFC6A41C47C0AA6169"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=575
Expires: Mon, 14 Nov 2022 00:02:39 GMT
Date: Sun, 13 Nov 2022 23:53:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 41 kB IP 104.110.10.32:0
Hash 35d6e90b130bab5fadc8008cc4504951
38d695c264b12838bf14b9c9ce34e213de091420
aa854ce262a62330681fd83860faa1f74e15a1c93578e95a3fb02cd52c022983
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "294A661B1AF9B98DE72A3DA274EF67AE3B22E5775E8208CFC6A41C47C0AA6169"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=575
Expires: Mon, 14 Nov 2022 00:02:39 GMT
Date: Sun, 13 Nov 2022 23:53:04 GMT
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
3.123.120.111302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
IP 3.123.120.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
Set-Cookie: zuuid=a2a38173-0098-4bae-a1aa-0efe395f8815; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
matomo.rizk-dev.com/matomo.js
104.18.15.144200 OK 21 kB URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.15.144:0
File type ASCII text, with very long lines (1601)
Hash 56d1349fa92ede518c35ee330ce07986
09fc5427dfc324117e944a025f2f1e4cc936fca0
3817ba24aa407f0ea312fb73633ae738aca058f785c9a538c67dfc170cf55c1e
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Mon, 14 Nov 2022 03:53:03 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 2842
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb59bcab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.123.120.111302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.123.120.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=5e8a7674-180a-49b5-8cc2-97772df789e6; c=1668383584; zuuid_lu=1668383584
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
Set-Cookie: zuuid=5e8a7674-180a-49b5-8cc2-97772df789e6; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
3.123.120.111200 OK 2.3 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
IP 3.123.120.111:0
File type ASCII text, with very long lines (2325), with no line terminators
Hash 6025faa6d1e8b21d5c6902df746e43af
efa94cdf3a76a31d16a0d438706818be4ffb430c
e72f09aa58497e13aa6f6a7102bd416b2e883fd2f47f783a0b838bd49f1b7c44
GET /ul_cb/pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=5e8a7674-180a-49b5-8cc2-97772df789e6; c=1668383584; zuuid_lu=1668383584
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Sun, 13 Nov 2022 23:53:04 GMT
Set-Cookie: zuuid=5e8a7674-180a-49b5-8cc2-97772df789e6; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,437640784; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,437712784; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive
acdn.adnxs.com/dmp/up/pixie.js
23.38.200.189200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 23.38.200.189:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: "60b79de0-23b3"
X-Serial: 327
X-Check-Cacheable: YES
X-Akamai-Pragma-Client-IP: 23.36.79.13, 146.247.142.2
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 3340
Cache-Control: max-age=86402
Expires: Mon, 14 Nov 2022 23:53:06 GMT
Date: Sun, 13 Nov 2022 23:53:04 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 25e43ddf8623077222fd85e2e27997c5
1b92bc7e8cf6be84f02f75981a428b877fd152ac
4d91ca4a4207493951f048d0b97f9a277548b107c63ec408c340dec364808116
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6536
Cache-Control: max-age=131961
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "6370ca51-1d7"
Expires: Tue, 15 Nov 2022 12:32:25 GMT
Last-Modified: Sun, 13 Nov 2022 10:43:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 13 Nov 2022 22:41:09 GMT
expires: Mon, 14 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 4315
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f5563b8eaa8bbe5076e53dcb10e434a5
ce068739a71489f4991632ce5c6cd0943267a91a
c917e4ff0251bc6bbe67aab3858e5d3421fa743fe8e4e612a0938c2d2bb19e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uAoHJE+y6+FIW1DK2p08JwxWhxCy+OfoBrGXe5ILijQT5IrmPEyiMj65GiLGfoBT1Nqt06TXQ/MFFXGeZ92W7A==
content-length: 27337
x-fb-trip-id: 1904183273
date: Sun, 13 Nov 2022 23:53:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 541edfe19e95d8b6d00a366c3b5dd2f3
23a3fb44a7d2ea29028816cef54c96d1ea1151ac
c4fdbd42255a768bcdf93b32806bc92218ffc61ae935c83e8d39523dbbf1b8fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6124
Cache-Control: max-age=158150
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "6371323a-1d7"
Expires: Tue, 15 Nov 2022 19:48:54 GMT
Last-Modified: Sun, 13 Nov 2022 18:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1&z=677884329
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1&z=677884329
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1&z=677884329 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 23:53:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 25e43ddf8623077222fd85e2e27997c5
1b92bc7e8cf6be84f02f75981a428b877fd152ac
4d91ca4a4207493951f048d0b97f9a277548b107c63ec408c340dec364808116
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6536
Cache-Control: max-age=131961
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "6370ca51-1d7"
Expires: Tue, 15 Nov 2022 12:32:25 GMT
Last-Modified: Sun, 13 Nov 2022 10:43:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/tTkxSEAAs8c
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tTkxSEAAs8c
IP 142.250.74.35:0
Hash 97f24fe94dfab264185fad63f484e526
c31801723854ae815691d6db7aa466f4aef6e941
adcd53fd4d4b21c506dadab9f5a4cc397d6756f0239493cd7b87068df3d97325
POST /s/gts1d4/tTkxSEAAs8c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/mxoWbFvua2o
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/mxoWbFvua2o
IP 142.250.74.35:0
Hash b7773e5f7cd3090e7141fbbea95e66b5
edc4c5806ac519c6a4191f988bc32f10f541e08a
c567c5329a84765bb651def05dd72d22ea7854cbb4062367b4c7cb8da7fa0726
POST /s/gts1d4/mxoWbFvua2o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f5563b8eaa8bbe5076e53dcb10e434a5
ce068739a71489f4991632ce5c6cd0943267a91a
c917e4ff0251bc6bbe67aab3858e5d3421fa743fe8e4e612a0938c2d2bb19e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=416185&h=23&m=53&s=2&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&_id=d219cb2acf49e261&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=hflBK3&pf_net=0&pf_srv=154&pf_tfr=33&pf_dm1=679&pf_dm2=179&pf_onl=2
104.18.15.144204 No Content 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=416185&h=23&m=53&s=2&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&_id=d219cb2acf49e261&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=hflBK3&pf_net=0&pf_srv=154&pf_tfr=33&pf_dm1=679&pf_dm2=179&pf_onl=2
IP 104.18.15.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=416185&h=23&m=53&s=2&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&_id=d219cb2acf49e261&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=hflBK3&pf_net=0&pf_srv=154&pf_tfr=33&pf_dm1=679&pf_dm2=179&pf_onl=2 HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.19
access-control-allow-origin: https://rizk.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb5fc0fb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6
216.239.36.21200 OK 42 B URL HTTP/2 api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6
IP 216.239.36.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6 HTTP/1.1
Host: api.feedad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=5e8a7674-180a-49b5-8cc2-97772df789e6; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 3f366691db583d0122f92845c3725d49
date: Sun, 13 Nov 2022 23:53:04 GMT
server: Google Frontend
content-length: 42
expires: Sun, 13 Nov 2022 23:53:04 GMT
cache-control: private
X-Firefox-Spdy: h2
tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6
216.239.38.21200 OK 42 B URL HTTP/2 tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6
IP 216.239.38.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=5e8a7674-180a-49b5-8cc2-97772df789e6 HTTP/1.1
Host: tags.feedad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=5e8a7674-180a-49b5-8cc2-97772df789e6; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: e598a9e1e06c5a2f1c9a9b6dd060c45d
date: Sun, 13 Nov 2022 23:53:04 GMT
server: Google Frontend
content-length: 42
expires: Sun, 13 Nov 2022 23:53:04 GMT
cache-control: private
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oeb90&_p=284816413&_gaz=1&cid=1539540179.1668383582&ul=en-us&sr=1280x1024&_s=1&sid=1668383582&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oeb90&_p=284816413&_gaz=1&cid=1539540179.1668383582&ul=en-us&sr=1280x1024&_s=1&sid=1668383582&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH>m=2oeb90&_p=284816413&_gaz=1&cid=1539540179.1668383582&ul=en-us&sr=1280x1024&_s=1&sid=1668383582&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Sun, 13 Nov 2022 23:53:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0df79cbc834bd5e53cf14431365341dc
00e5191435de6d5804d36e8db45d1858dfc67e62
6a4d0997ea345b437ad5f53d41699920f946ba31bbc2b01e005516485328d033
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
143.204.68.26200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP 143.204.68.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bdbd00aed84ab2a1b2623adb63c9331e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: eQ-aqval1xX857ncg6Fku_PG9NAjcPyk29MfMtdn5P7wE_LRvWEsYQ==
age: 819058
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1
142.250.150.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1
IP 142.250.150.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH&cid=1539540179.1668383582>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Sun, 13 Nov 2022 23:53:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=438824,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b6cb968c9b512-OSL
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.4.39200 OK 531 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.4.39:0
File type ASCII text, with very long lines (375), with CRLF line terminators
Hash 63f14ced0180a07c4fd1e25a8360790d
36c07f350b68730411fb0269c12ba26253c18489
2d934a74b145a0624275e9e1bee69a52f6debf6c532a1fe691658918af58bfc2
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 531
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 13-Dec-2022 23:53:04 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
Set-Cookie: tuuid=8385801b-072c-4209-aa10-0c47f41fa38d; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
18.244.140.113200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 18.244.140.113:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sun, 13 Nov 2022 23:29:18 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ff29478875e81c359f37e63f1a4370c0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: aU8I-5zqOpElGPlKLP5d8U1qJJVB7mLxWER8gAUBFoA16NKNTYEyAA==
age: 2026
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2066648920270838310
37.157.4.39200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2066648920270838310
IP 37.157.4.39:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=279974081431&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2066648920270838310 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1668383582763&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1668383582763&et=1668383582763&if=0
185.89.210.20200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1668383582763&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1668383582763&et=1668383582763&if=0
IP 185.89.210.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1668383582763&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1668383582763&et=1668383582763&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x.bidswitch.net/syncd?dsp_id=409&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.127.121.199200 OK 43 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=409&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.127.121.199:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /syncd?dsp_id=409&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Length: 43
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=438824,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b6cbaa94cb4f3-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=438824,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b6cbaae8db51b-OSL
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1668383583062&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668383583061.1695208421&it=1668383582831&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1668383583062&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668383583061.1695208421&it=1668383582831&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1668383583062&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668383583061.1695208421&it=1668383582831&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Nov 2022 23:53:04 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0df79cbc834bd5e53cf14431365341dc
00e5191435de6d5804d36e8db45d1858dfc67e62
6a4d0997ea345b437ad5f53d41699920f946ba31bbc2b01e005516485328d033
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash e31e77254bcc3a933e3367a8a41fbfff
d258731de016140b00679f060ca028276e00958f
a4e10c1ac07622c3f4781b431c93451d59eee2fa6747759d02b15e1933939bd0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137779
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "6370eaa1-1d7"
Expires: Tue, 15 Nov 2022 14:09:23 GMT
Last-Modified: Sun, 13 Nov 2022 13:01:21 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: A0NWCLdkP0_fSp4jmehhpFlowsil1jfTWMUr3FkHVpiyMsBvbE-Xpw==
Age: 4082
pixel.quantserve.com/pixel;r=1014670115;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-831788886-1668383582885;pbc=;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1668383583101;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e1fe1681-fb65-418c-93db-ac665fcd823c
91.228.74.159200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1014670115;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-831788886-1668383582885;pbc=;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1668383583101;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e1fe1681-fb65-418c-93db-ac665fcd823c
IP 91.228.74.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1014670115;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-831788886-1668383582885;pbc=;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1668383583101;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e1fe1681-fb65-418c-93db-ac665fcd823c HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EMUBBgHIJwISAbmVoQ2e6bRu; expires=Sat, 11-Feb-2023 23:53:04 GMT; path=/; domain=.quantserve.com
mc=63718360-7cbb5-6641d-845d8; expires=Thu, 14-Dec-2023 23:53:04 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68
Set-Cookie: tuuid=f7810a42-6603-4aec-b073-e77cd1e8ef03; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b
Set-Cookie: tuuid=b8ca1062-9aa5-42b6-a188-11126fd5f3ca; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668383584; path=/; expires=Mon, 13-Nov-2023 23:53:04 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
3.127.121.199200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6
IP 3.127.121.199:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D5e8a7674-180a-49b5-8cc2-97772df789e6 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Length: 43
Connection: keep-alive
eb2.3lift.com/xuid?mid=7963&xuid=5e8a7674-180a-49b5-8cc2-97772df789e6&dongle=3oy7
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7963&xuid=5e8a7674-180a-49b5-8cc2-97772df789e6&dongle=3oy7
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7963&xuid=5e8a7674-180a-49b5-8cc2-97772df789e6&dongle=3oy7 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=68c63c44-bc95-4a09-9131-bffa38de3e68 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=653c5fe2-1f52-4da1-af10-dded572c179b HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
script.hotjar.com/heatmap-dynamic-view.abc6add9fe82de4bc928.js
18.165.227.74200 OK 2.8 kB URL HTTP/2 script.hotjar.com/heatmap-dynamic-view.abc6add9fe82de4bc928.js
IP 18.165.227.74:0
File type ASCII text, with very long lines (9695)
Hash 69db3e11d56206ea3b0cd85602070f73
ba6a1059058cda9086f8f1084095c0ff7d2b308a
8e337b888851b17c10f32dc001baca5aeb1ca9cb4bde6b0a0829f8b20ff362be
GET /heatmap-dynamic-view.abc6add9fe82de4bc928.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2828
date: Fri, 04 Nov 2022 12:22:08 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "69db3e11d56206ea3b0cd85602070f73"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc218b65080849bc6e273a2299fa4aec.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: huSigjPBq_gKC50FwTJF_Bk0gpoDNroEWS9svAQLwVQ_nZLNMkkrzw==
age: 819056
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ce4e508120ccc7a289feb203006dac93
13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1
a058745f8ae18e2b883213483a50de493d78f5561cf51b099da90893b554dd90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 23:53:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:56:50 GMT
Expires: Sat, 19 Nov 2022 01:56:49 GMT
Etag: "13d6e09cb2ea439b0d3ff00b165cdd90776eb4d1"
Cache-Control: max-age=438824,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b6cbaa91b0b55-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=1eec8d08-d90b-4bbc-a44b-90a15ce857d8
3.127.121.199302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=1eec8d08-d90b-4bbc-a44b-90a15ce857d8
IP 3.127.121.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&cb=1eec8d08-d90b-4bbc-a44b-90a15ce857d8 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 13 Nov 2022 23:53:04 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
rizk.com/OneSignalSDKWorker.js
104.18.21.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; _gcl_au=1.1.1051401865.1668383582; _pk_id.1.dd63=d219cb2acf49e261.1668383582.; _pk_ses.1.dd63=1; _ga_0WVZ21C8XH=GS1.1.1668383582.1.0.1668383582.60.0.0; _ga=GA1.1.1539540179.1668383582; _sp_srt_ses.1633=*; _sp_srt_id.1633=213b3803-a869-4bdc-adc9-9127b8982ca7.1668383583.1.1668383583.1668383583.bdbfd12c-a430-40b6-bc65-8acf46e46902; _gid=GA1.2.1859983587.1668383583; _fbp=fb.1.1668383583061.1695208421; adformfrpid=2066648920270838310; __qca=P0-831788886-1668383582885; _hjSessionUser_661774=eyJpZCI6IjNjZDE4ZDFkLWM0YjYtNTFlOS04NDI4LWEwNjQ5ZmRiYzZkYSIsImNyZWF0ZWQiOjE2NjgzODM1ODMxODMsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_661774=eyJpZCI6ImRhZGI1NzZhLWJiNWMtNDIwZS04Nzk5LWViZjQwNDIxMTAxNiIsImNyZWF0ZWQiOjE2NjgzODM1ODMxOTYsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 04 Nov 2022 14:37:49 GMT
If-None-Match: W/"636523bd-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 13 Nov 2022 23:53:04 GMT
last-modified: Fri, 04 Nov 2022 14:37:49 GMT
etag: "636523bd-56"
cf-cache-status: HIT
age: 3334
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cbc9bc9b500-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1fba1f16f8ef316239c989f535f21664
d36549605365740b90ed3d2443b202d2b8b2002c
c5a6062e9751e369fd78a059ce617ebe1e91f215a40a6ce972a1f552ed800b54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4958
Cache-Control: max-age=120306
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "6370a2f4-117"
Expires: Tue, 15 Nov 2022 09:18:10 GMT
Last-Modified: Sun, 13 Nov 2022 07:55:32 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash a6d1a1c3eb242871bae645040882ee0b
8a92000397b975ca6bddb168e3fb50c0b6e905b1
59dbb8efbfa023ef2299072b2fe64df7b7ee7c29e88f09c1cd36bdc75089298d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148857
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "63710c60-1d7"
Expires: Tue, 15 Nov 2022 17:14:01 GMT
Last-Modified: Sun, 13 Nov 2022 15:25:20 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: CCGeXuFbQD0sp0MpJE9EieghWTdWBvWlYZXbwxXVqNX430_941HvAA==
Age: 6521
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 5b209783c388129409611af49342494c
9074f5848b54b27c4341d39eb3485ba220936d76
7ff3cab1bfe747b89ac1373b0a1715fce13dd4d0ae61dcef821023cc320d86f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106081
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "637079fd-1d7"
Expires: Tue, 15 Nov 2022 05:21:05 GMT
Last-Modified: Sun, 13 Nov 2022 05:00:45 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 398a51ec785027c0cfb5003d3a46ab0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 9ZcLtYl6e-fXDjgT0ENrqMPw_4mv7xmNtM7WvUmxJEEs3N3pHIOe7Q==
Age: 1220
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 5b209783c388129409611af49342494c
9074f5848b54b27c4341d39eb3485ba220936d76
7ff3cab1bfe747b89ac1373b0a1715fce13dd4d0ae61dcef821023cc320d86f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108488
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "637079fd-1d7"
Expires: Tue, 15 Nov 2022 06:01:12 GMT
Last-Modified: Sun, 13 Nov 2022 05:00:45 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: bKTqUNJ4NUaJ0OsMuuqx0ytBMugZCJ5oQPXBUPJ2VbBC6-NUQ_SGYg==
Age: 3627
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 5b209783c388129409611af49342494c
9074f5848b54b27c4341d39eb3485ba220936d76
7ff3cab1bfe747b89ac1373b0a1715fce13dd4d0ae61dcef821023cc320d86f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107178
Date: Sun, 13 Nov 2022 23:53:04 GMT
Etag: "637079fd-1d7"
Expires: Tue, 15 Nov 2022 05:39:22 GMT
Last-Modified: Sun, 13 Nov 2022 05:00:45 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 4c3c0be12954d0bfb5e695119bb76338.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: v_UoOraDVVJXGiaEqBUbGPnWvosAfGCZ7a5bFuPeAEsJo4fiz08zGw==
Age: 2317
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.123.115.183204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.123.115.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 13 Nov 2022 23:53:04 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.123.115.183204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.123.115.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 13 Nov 2022 23:53:04 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.123.115.183204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.123.115.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5e8a7674-180a-49b5-8cc2-97772df789e6&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 13 Nov 2022 23:53:04 GMT
X-Firefox-Spdy: h2
ws13.hotjar.com/api/v2/client/ws
52.31.217.27101 Switching Protocols 0 B URL HTTP/1.1 ws13.hotjar.com/api/v2/client/ws
IP 52.31.217.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws13.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rizk.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BwGOUnPwXY3HJieXZKkLFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 13 Nov 2022 23:53:05 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sV/0taq0V47ElKIfwMY2QlgMTrE=
Sec-WebSocket-Extensions: permessage-deflate
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe28d811-107a-493e-9c36-93a37a7dfe1a.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe28d811-107a-493e-9c36-93a37a7dfe1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e04eab17e36899c3b3f67f6774d7a842
e4f3a076810adab8f034e34044aced853ffd1d35
45ab81ce9082af29333f76fb84791f2fde2e666a39671984196306f75f332187
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe28d811-107a-493e-9c36-93a37a7dfe1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14493
x-amzn-requestid: c12b0588-18f2-4444-b5a2-4e066c428c33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvEE2IAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-3242621f173516376089985c;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lGKR4HCVUtL0KlyMgAVULWpL1dopxSbu2oh337vM7ldK4zRDmYRluQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:53:03 GMT
age: 7205
etag: "e4f3a076810adab8f034e34044aced853ffd1d35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.21.91:0
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: image/svg+xml
last-modified: Thu, 04 Aug 2022 08:08:03 GMT
etag: W/"62eb7e63-789"
expires: Fri, 07 Oct 2022 01:26:54 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 3456404
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caf0838b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/runtime.99df232f.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.99df232f.js
IP 104.18.21.91:0
GET /assets/js/runtime.99df232f.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:29:29 GMT
etag: W/"636521c9-8fc"
cf-cache-status: HIT
age: 920
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caf3859b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/translations/selection
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/no/translations/selection
IP 104.18.21.91:0
POST /no/translations/selection HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 3537
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
set-cookie: Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; expires=Tue, 13-Dec-2022 23:53:03 GMT; Max-Age=2592000; path=/; secure; httponly
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb1da65b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 910
expires: Wed, 16 Nov 2022 23:53:03 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 769b6cb41e9efabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-661774.js?sv=7
13.224.245.27200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 13.224.245.27:0
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 13 Nov 2022 23:52:25 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/836bac98f7c9279eb32ef51c843601f6
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a3e4fc96eb3662731567c2fe42feda9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: BuZtPwWWhgPf0gszRCpDSUrJ1rr8gAdbGrWaVLRZiF8UjTw51DHzqg==
age: 39
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
IP 104.18.225.52:0
GET /sdks/OneSignalSDKWorker.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1853
expires: Wed, 16 Nov 2022 23:53:04 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 769b6cbcda29b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
99.86.114.124200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 99.86.114.124:0
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 09:02:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: DoKKBN.SQEEmdtM866dvIghkC0E1NkLT
server: AmazonS3
content-encoding: gzip
date: Sun, 13 Nov 2022 23:52:54 GMT
etag: W/"8718c28d35d9705fdb01ea55f1f62706"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04dc9ebdebde1811f62e65be6d89b8c8.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: rXFJOzieRVTSejc6KwtO5tJ2fsODbHtzVdm9OEVK9DIoeOVpPMYh2g==
age: 11
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.7417294e.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/scripts.7417294e.js
IP 104.18.21.91:0
GET /assets/js/scripts.7417294e.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:29:29 GMT
etag: W/"636521c9-62ef7"
cf-cache-status: HIT
age: 1343
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caf4861b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Thu, 10 Nov 2022 22:15:47 GMT
x-ms-request-id: 074aaaa4-201e-00a4-4568-f5e202000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 79431
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6cb38b14b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/serviceWorker.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/serviceWorker.js
IP 104.18.21.91:0
GET /serviceWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/OneSignalSDKWorker.js
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:37:50 GMT
etag: W/"636523be-4e5"
cf-cache-status: HIT
age: 6740
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb3ecbeb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
37.157.3.30200 OK 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
IP 37.157.3.30:0
GET /serving/cookie/match?CC=1&party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=b07823ad-e115-456a-8e89-cc6b0b76459e&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=b07823ad-e115-456a-8e89-cc6b0b76459e&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=b07823ad-e115-456a-8e89-cc6b0b76459e&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
access-control-allow-origin: https://rizk.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 911
expires: Wed, 16 Nov 2022 23:53:04 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 769b6cbcda24b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
34.248.5.173200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
IP 34.248.5.173:0
POST /api/v2/client/sites/661774/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.21.91:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
etag: W/"636ba270-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caf0839b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 15 Nov 2022 23:53:02 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/js/base.dc9d77ff.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.dc9d77ff.js
IP 104.18.21.91:0
GET /assets/js/base.dc9d77ff.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:29:29 GMT
etag: W/"636521c9-93942"
cf-cache-status: HIT
age: 885
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6caf385ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/MGA.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/MGA.svg
IP 104.18.21.91:0
GET /assets/img/footer/MGA.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Sep 2022 07:49:59 GMT
etag: W/"6322d927-49ef"
expires: Fri, 18 Nov 2022 07:14:30 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 3604875
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb1ca5fb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.5.72200 OK 0 B URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.5.72:0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
x-rgw-object-type: Normal
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-amz-request-id: tx00000a68fce1b3c0c1cd7-00635ba098-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.13.64200 OK 0 B URL HTTP/2 c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.13.64:0
GET /scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: text/html
cache-control: public,max-age=3600
content-md5: ECKsFMGYt00AJi96pRIpJw==
last-modified: Mon, 28 Mar 2022 11:38:52 GMT
x-ms-request-id: 892675fa-901e-0070-5c0b-e554d1000000
x-ms-version: 2011-08-18
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2298
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b6cb66a9cfab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ws13.hotjar.com/api/v2/sites/661774/recordings/content
52.31.217.27200 OK 0 B URL HTTP/2 ws13.hotjar.com/api/v2/sites/661774/recordings/content
IP 52.31.217.27:0
POST /api/v2/sites/661774/recordings/content HTTP/1.1
Host: ws13.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 267083
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:05 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.21.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1668383582
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Sep 2022 07:49:59 GMT
etag: W/"6322d927-1c73"
expires: Fri, 18 Nov 2022 07:14:30 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4811897
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb1ba48b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.126.175:0
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 13 Nov 2022 23:53:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GHSP9F5G9153EQF6CMPCX0RB-ams
cf-cache-status: HIT
age: 290
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 769b6caeccd90b59-OSL
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=rlrffqn9r0op8t1468v09umcp5; btag=a_10689784b_c_u3uTHe3u2Inkd9Mgv0S_DWNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+13+2022+23%3A53%3A01+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:03 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:37:49 GMT
etag: W/"636523bd-56"
cf-cache-status: HIT
age: 3333
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 769b6cb32c51b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 13 Nov 2022 23:53:04 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "dGMVEkJqMDGUKmTNQCF+Mg=="
expires: Sun, 20 Nov 2022 23:53:04 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2