iuyuyt.3bb94.ij.wy5532.com/
37.48.65.155200 OK 487 B URL HTTP/1.1 iuyuyt.3bb94.ij.wy5532.com/
IP 37.48.65.155:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (487), with no line terminators
Hash ccfd12288360f61408ca7cf2a7f87a1d
8025229c9a05df01b1993b5519cdf2c86ae30d3c
05aa5294207291a7a681d1edca73671a1ca5306d7b29146d2012480d2618d6b9
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: iuyuyt.3bb94.ij.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 487
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 22:46:07 GMT
server: nginx
set-cookie: sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31; path=/; domain=.wy5532.com; expires=Sun, 18 Feb 2091 02:00:15 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2974
Expires: Mon, 30 Jan 2023 23:35:42 GMT
Date: Mon, 30 Jan 2023 22:46:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3571
Expires: Mon, 30 Jan 2023 23:45:39 GMT
Date: Mon, 30 Jan 2023 22:46:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 22:35:47 GMT
content-type: application/json
age: 621
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Tue, 31 Jan 2023 00:07:18 GMT
Date: Mon, 30 Jan 2023 22:46:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: i5L4vlFNDPS9EdEtW9luaqeYplcdsQlfW+bx2xlxKs7JlXdQEUwou0OIyqmOLYOBo7IliCuENiM=
x-amz-request-id: 5QW4KH5GMHANSPER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 21:50:54 GMT
age: 3314
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:46:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
iuyuyt.3bb94.ij.wy5532.com/favicon.ico
37.48.65.155404 Not Found 9 B URL HTTP/1.1 iuyuyt.3bb94.ij.wy5532.com/favicon.ico
IP 37.48.65.155:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: iuyuyt.3bb94.ij.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Cookie: sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 30 Jan 2023 22:46:08 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 22:41:41 GMT
age: 267
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
iuyuyt.3bb94.ij.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEyNTk2OCwiaWF0IjoxNjc1MTE4NzY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZqZjk3dm04MGFibjZxb2cwcHNvc2UiLCJuYmYiOjE2NzUxMTg3NjgsInRzIjoxNjc1MTE4NzY4MjA5MDM1fQ.veTz8jJla1uHxUtvjRqdUX95-IBI0tMiGR0PNkd6_TA&sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31
37.48.65.155302 Found 11 B URL HTTP/1.1 iuyuyt.3bb94.ij.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEyNTk2OCwiaWF0IjoxNjc1MTE4NzY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZqZjk3dm04MGFibjZxb2cwcHNvc2UiLCJuYmYiOjE2NzUxMTg3NjgsInRzIjoxNjc1MTE4NzY4MjA5MDM1fQ.veTz8jJla1uHxUtvjRqdUX95-IBI0tMiGR0PNkd6_TA&sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31
IP 37.48.65.155:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEyNTk2OCwiaWF0IjoxNjc1MTE4NzY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZqZjk3dm04MGFibjZxb2cwcHNvc2UiLCJuYmYiOjE2NzUxMTg3NjgsInRzIjoxNjc1MTE4NzY4MjA5MDM1fQ.veTz8jJla1uHxUtvjRqdUX95-IBI0tMiGR0PNkd6_TA&sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31 HTTP/1.1
Host: iuyuyt.3bb94.ij.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Cookie: sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 30 Jan 2023 22:46:08 GMT
location: http://click-v4.celxkpdir.com/click?i=WDZ*WOVtGGg_0
server: nginx
set-cookie: sid=e2db26c8-a0ef-11ed-954b-337bd9d5ab31; path=/; domain=.wy5532.com; expires=Sun, 18 Feb 2091 02:00:15 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20681
Expires: Tue, 31 Jan 2023 04:30:50 GMT
Date: Mon, 30 Jan 2023 22:46:09 GMT
Connection: keep-alive
click-v4.celxkpdir.com/click?i=WDZ*WOVtGGg_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.celxkpdir.com/click?i=WDZ*WOVtGGg_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=WDZ*WOVtGGg_0 HTTP/1.1
Host: click-v4.celxkpdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://feed.us.adrunnr.com/11/?id=e323b7b7-a0ef-11ed-a65c-cf2661bb4fc4
Pragma: no-cache
push.services.mozilla.com/
52.88.138.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.138.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 98EyU1H13v0F/N4clKvgHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LJsjHtftXAkXvGeXpYseP72lL44=
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ae15c48d97f258a3f9f6da93c3ff0733
c653dd5596b156faa20300ecfb76f735778f8843
c59c5a503ecfcc285d6d2c7657b8725ab3f993c9198249a1768772d781268106
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142366
Date: Mon, 30 Jan 2023 22:46:09 GMT
Etag: "63d7be2e-1d7"
Expires: Wed, 01 Feb 2023 14:18:55 GMT
Last-Modified: Mon, 30 Jan 2023 12:55:10 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cIO8KJkdqUD-DCV04GlV4YCdt5w76wE4TtEVaXepJQQs3dSmy8N8GA==
Age: 5025
feed.us.adrunnr.com/11/?id=e323b7b7-a0ef-11ed-a65c-cf2661bb4fc4
34.234.118.172307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/11/?id=e323b7b7-a0ef-11ed-a65c-cf2661bb4fc4
IP 34.234.118.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11/?id=e323b7b7-a0ef-11ed-a65c-cf2661bb4fc4 HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 30 Jan 2023 22:46:09 GMT
content-length: 0
location: https://trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=e3239097-a0ef-11ed-a65c-8726dc329fd5
set-cookie: __sess=e3c6aecd-a0ef-11ed-a65c-cf2661bb4fc4; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=e3239097-a0ef-11ed-a65c-8726dc329fd5
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=e3239097-a0ef-11ed-a65c-8726dc329fd5
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=e3239097-a0ef-11ed-a65c-8726dc329fd5 HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 22:46:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w8vg8mhdk2j1fe9m2dsagkdu
pragma: no-cache
set-cookie: bc98edd7-1543-43f7-b2f0-6108fbb348b2-v4=_WufOUNb3-uGawWA3dL33zUl5N-1ZHvFhbWToBgJZDQ; Max-Age=86400; Expires=Tue, 31-Jan-2023 22:46:09 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=W6jeA%2BHxYmJL2pESbo30i8qUoM7y6n4C2gDViYzJvkjFpIB1jhLfJQpMQIoj8SvJPA%2B7XXIm2J0EVMLxK8m96X4folCdY6JbMFBvYshYt4seG%2FRPsWd7bCiq2VgGLyYEoJ0OG13192oDmsUcBYIvgw%3D%3D; Max-Age=31536000; Expires=Tue, 30-Jan-2024 22:46:09 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2e6845d80683e95c57b5aba11b9cede3
0b607a07bee11409922cb9b6ee4db734504c8367
b4f014cb8434d96012f0816a88aad97d63a0d4e1ed483f8e804a2209196e986a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100954
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:10 GMT
Etag: "63d7300c-118"
Expires: Wed, 01 Feb 2023 02:48:44 GMT
Last-Modified: Mon, 30 Jan 2023 02:48:44 GMT
Server: nginx
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:46:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:46:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:46:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:46:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Tue, 31 Jan 2023 00:02:22 GMT
Date: Mon, 30 Jan 2023 22:46:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac9e49e19b226b271d1a6f29d7159e64
df578148d224d67fb6e098da3eeb1d86c233cb73
1e065f356fe4ae535ec6fa40ddbad8a2ddad1fa1a053bedceb25c90fa3620ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12154
x-amzn-requestid: 0ba17a3e-c78c-4634-8706-eedd20d8e3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk303H-mIAMFelA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b8-1d7f813471bcbd3341f06e86;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xPsBUAX9p6j3zfTl4956VqN0aME12n_E5Q2eoHoBaPE1_ElvMrSx5g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
etag: "df578148d224d67fb6e098da3eeb1d86c233cb73"
content-type: image/jpeg
age: 3416
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 3473
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 6165
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 0ce16b38-ae58-4cfc-9a7e-0cfd68c3114b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxH0pIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-4c58f0a54d3eb51357dc4bfc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mdKr3fucht7bqc2dp3mNaXusuYORLOf-YsF54I71mHk09D4AYnVvvQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 3416
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 3416
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 146cb1c622ae62d62090dcaf81709056
c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e
d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 10:06:07 GMT
age: 45603
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6637cb6225799317f3fac4261776cfdd
359830815d51175bd77a2152ea286c69a58f1c9c
07bf993e3e77cc507bd1fc596b75a01048e40f8a19e4bb615df00098e238d1a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:10 GMT
Last-Modified: Mon, 30 Jan 2023 22:00:37 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 4292e44eba0796aac4d0b7aab80daec2
8131fd92ed85c9e8378d78e2b668cd7163fdf875
0deff459ca0049e97fc03f4a80660ef7e69185057ffdcd1a462cd3bcaffb6e5b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: QpLkTroHlqrE0LequA2uwg==
last-modified: Fri, 27 Jan 2023 07:38:15 GMT
etag: 0x8DB003973D2D647
x-ms-request-id: 40175fdc-601e-00c5-10ad-32a6dd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 14864
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbdfebc82b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.21.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 2609916
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb3b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.21.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Mon, 27 Feb 2023 05:37:30 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 2523722
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedacb4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
104.18.21.91200 OK 1.1 kB URL HTTP/2 insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e97b23e842d4df6dfdd7fb049a87a26f
083cda549ea555b23a7b7aee461c0bc6a13070c0
d96df1d19452dbc92d39e276455f2f226b70daa7ca9ab52796be1247d677a689
GET /gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 1100
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5909
content-disposition: inline; filename="Rizk_avatar.webp"
etag: "5a37c146-1715"
expires: Mon, 13 Mar 2023 20:31:14 GMT
last-modified: Mon, 18 Dec 2017 13:23:18 GMT
vary: Accept
cf-cache-status: HIT
age: 1043762
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb0b4f1-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 963986
expires: Sat, 20 Jan 2024 22:46:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcOvyyYquvQu%2Be8v%2FdFrjvthG1p2m0fIHUe8%2Fb%2B2ne5Fh2TrpS8sOQyzwxRkXcwXqomM79qBy2%2BS%2FLUvNnp3C8j0oleOcLbC9MwvPjsqE6536CinQdmtYaBGnvF4v8N9rkO25ZB0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791dbdff2b3a0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.21.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Sun, 15 Jan 2023 17:19:41 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 4248484
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedaab4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.21.91200 OK 174 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 174 kB (174360 bytes)
Hash 723b5a7e7cec506c95f571606f1b6de2
3444eeb2f4b3fea6d959b6a3eea42ee8e783862f
ecbfd5956d791f388ac85fe3411f9cb3ef982bbb3d4b1ad305928b194fc55ece
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 3986341
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeeda8b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
104.18.21.91200 OK 242 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 242 kB (241870 bytes)
Hash 4fb86378cf3ab83690aff25e4bcd84d8
09118e6252fe712f6841888008e11f9533544cf2
b7650624b1e7314d79f112351a8180776b6b2375443901135f01e92f9a60383b
GET /no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 241870
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=412787
content-disposition: inline; filename="rizk_zero2hero.webp"
etag: "57ad98e4-64c73"
expires: Mon, 13 Mar 2023 13:06:44 GMT
last-modified: Fri, 12 Aug 2016 09:37:40 GMT
vary: Accept
cf-cache-status: HIT
age: 1315108
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeeda7b4f1-OSL
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w8vg8mhdk2j1fe9m2dsagkdu
104.18.189.136301 Moved Permanently 130 kB URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w8vg8mhdk2j1fe9m2dsagkdu
IP 104.18.189.136:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w8vg8mhdk2j1fe9m2dsagkdu HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 30 Jan 2023 22:46:10 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzPFktUyhYLSNEVixQYGAKYAo%3D; expires=Tue, 30-Jan-2024 22:46:10 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; expires=Tue, 30-Jan-2024 22:46:10 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; expires=Wed, 01-Mar-2023 22:46:10 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Wed, 01-Mar-2023 22:46:10 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 791dbdfacd34b4e8-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104 kB URL insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP :0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.21.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Mon, 20 Feb 2023 20:17:59 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 1043761
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedbbb4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.21.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Mon, 13 Feb 2023 21:05:54 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 1174758
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfefdceb4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.21.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Mon, 13 Mar 2023 04:37:11 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 1174758
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeeda9b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
104.18.21.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178130 bytes)
Hash ea632bbffee05d4ab2c11c1bd0cf156c
1b9b16716f21ed62d448bb5fabdcfe6870510654
8df9b085cc67bb8a10e9de2a1c2cc2dcee36f2c6539a4b2a0b401de9160c7f04
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 178130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=186454, status=webp_bigger
etag: "63cead1e-2d856"
expires: Sat, 25 Mar 2023 15:27:38 GMT
last-modified: Mon, 23 Jan 2023 15:51:58 GMT
cf-cache-status: HIT
age: 544713
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb6b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
104.18.21.91200 OK 211 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1031x580, components 3\012- data
Size 211 kB (210675 bytes)
Hash 0275594aa0da61a963b34c14cba7cda2
90ba5e1fc41183812108f7cdee35057e7d8d73ff
9a3c6eaedf96f97bf55bec6950624f26e9e07d49158f24f3e221a400f60ac8db
GET /no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 210675
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=219775, status=webp_bigger
etag: "5ee086d3-35a7f"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Wed, 10 Jun 2020 07:08:03 GMT
cf-cache-status: HIT
age: 1013913
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb2b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
104.18.21.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178222 bytes)
Hash 6ae6be5cd2c1f0fb8080255588009745
aaf233663bd7100a662a519e96e451d426c9df24
1919fbf2d86d19b60bbf054dbfdaa281152643f6c1531ed3e582322a2aa8284a
GET /no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 178222
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=185818, status=webp_bigger
etag: "63c95719-2d5da"
expires: Sat, 25 Mar 2023 15:27:39 GMT
last-modified: Thu, 19 Jan 2023 14:43:37 GMT
cf-cache-status: HIT
age: 544712
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedbab4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
104.18.21.91200 OK 150 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 150 kB (149799 bytes)
Hash 9ebb7e0f0f489d3d8a3745f8febb5b15
ea1c8f36a0edf023eb6d39817b7df092f9f54763
dd1b3a8795857591e492cd5510da49c929e3e0e3ae5168b391a00628867f7cff
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 149799
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=155887, status=webp_bigger
etag: "620227ed-260ef"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Tue, 08 Feb 2022 08:21:01 GMT
cf-cache-status: HIT
age: 1174758
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedc6b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
104.18.21.91200 OK 202 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 202 kB (201797 bytes)
Hash 6b236304b4d875c745e572e9fbda254e
c584e908e55b7caa2135ebf25022804e7d1ef0db
e9dbf688fabc7b3452affa6d60690e2ac75536299300fbf5cdd5944e55bf16cb
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 201797
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=211099, status=webp_bigger
etag: "63c80b0e-3389b"
expires: Fri, 24 Mar 2023 09:03:35 GMT
last-modified: Wed, 18 Jan 2023 15:06:54 GMT
cf-cache-status: HIT
age: 654156
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb9b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
104.18.21.91200 OK 194 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 194 kB (194157 bytes)
Hash 1cca37417fe863df82c0319381e01e1f
f8b0a8aab239568c0db450be1d6d7b445529e436
694d7c5a7ba696111b5c0db984c9f9121b97c2a1a4f37520bcd6a597252dacd7
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 194157
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203250, status=webp_bigger
etag: "6202912a-319f2"
expires: Thu, 16 Feb 2023 17:29:48 GMT
last-modified: Tue, 08 Feb 2022 15:50:02 GMT
cf-cache-status: HIT
age: 2609923
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfefdcbb4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
104.18.21.91200 OK 279 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 279 kB (278858 bytes)
Hash e9e7535c065a438e4407b2d809511c54
c2c73ee585d77fa4e7e98072073c82e6a3a8199e
f5d32d6e179b67997a72382818a95893217a5d8414679cac7e57f5976c568691
GET /no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 278858
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=322951
content-disposition: inline; filename="Insider-and-Email-1080x450.webp"
etag: "59524281-4ed87"
expires: Mon, 30 Jan 2023 10:33:34 GMT
last-modified: Tue, 27 Jun 2017 11:33:21 GMT
vary: Accept
cf-cache-status: HIT
age: 4248485
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdffdefcb4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
104.18.21.91200 OK 94 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b99510dc64dceb3317011b5a1dd14066
da97fa0b25758d0d5f35d762bb6e74665e4f4d50
0625ba3c4b37dbd008551eb7e6652a350735305fcf02f24ac2b57ec717f7a403
GET /no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 93626
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=122140
content-disposition: inline; filename="10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.webp"
etag: "5b962484-1dd1c"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Mon, 10 Sep 2018 08:00:04 GMT
vary: Accept
cf-cache-status: HIT
age: 1569420
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdffdefab4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.21.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 1174761
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdffdef9b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.21.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Mon, 02 Jan 2023 08:52:09 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 5002553
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdffdef6b4f1-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
104.18.21.91200 OK 236 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 236 kB (236534 bytes)
Hash fe1f908a1ea3ad74d7580a4bb10732cc
e563c2ad2593b1fd0ab914c6c06686efc9bd4a72
16e4a3f6178cbac41c7010999daf2c62184fa06a7c02605cdaa75ea6cbfd74f0
GET /no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/jpeg
content-length: 236534
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=247916, status=webp_bigger
etag: "59e9e8f9-3c86c"
expires: Mon, 27 Feb 2023 05:37:29 GMT
last-modified: Fri, 20 Oct 2017 12:15:53 GMT
cf-cache-status: HIT
age: 2609916
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdffdefbb4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.186200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
104.16.148.64200 OK 3.2 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11675), with no line terminators
Hash 3b79a686818167922dfc6b001661b55a
94ea66c1b67195bb514427755595d985ad7319e8
985adf2ba0d8757e25ee00eb414c5809e7a3b8e1a802524f0ec182f245712c8c
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/x-javascript
content-length: 3159
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: O3mmhoGBZ5It/GsAFmG1Wg==
last-modified: Thu, 11 Aug 2022 10:39:48 GMT
etag: 0x8DA7B85D034938C
x-ms-request-id: 0a85c945-401e-0138-387c-addfea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 363
expires: Tue, 31 Jan 2023 22:46:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe0069b9fab4-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash 77ee853d54976f653eae7f9bf3756b81
14479919cb6c4795e9681b0116d9b45878e59a27
a3824d6f1e6f3aaa29342418aa60106500897804becaa0305d29e6328c4fe999
GET /af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "4d3b0c26b9e19a72e0c7ed499882c33f6eb1f980"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: sOQQtBZBGW4grpdJZkhuDA==, MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1675118770
104.18.21.91200 OK 95 kB URL HTTP/2 rizk.com/assets/css/base.css?1675118770
IP 104.18.21.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 315ceb14c1527210b793ec32a4a0bf58
3add66c7bc2c05aa610ba19d3de636430ef7ca4b
01b05641aba1ec0103e955300077d06b1b9023d1aaecd677a8d97798cbd3970e
GET /assets/css/base.css?1675118770 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 12:38:44 GMT
etag: W/"63d27454-5026a"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfead66b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/images/04532da6-menu-icons-s.png
104.18.21.91200 OK 6.1 kB URL HTTP/2 rizk.com/assets/images/04532da6-menu-icons-s.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42207df0d63f162c0e4628718aa606e1
f692963891ed031073bdcb796b9a7d8e67e454ea
d3ecbd89b841f3c0873ea22ffb3fc87b270ac5176cb2abc734874cf6441adba4
GET /assets/images/04532da6-menu-icons-s.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 6130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11277
content-disposition: inline; filename="04532da6-menu-icons-s.webp"
etag: "637614c1-2c0d"
expires: Sat, 21 Jan 2023 21:30:52 GMT
last-modified: Thu, 17 Nov 2022 11:02:25 GMT
vary: Accept
cf-cache-status: HIT
age: 4324088
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe013836b4f1-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.21.91200 OK 121 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1498)
Size 121 kB (120735 bytes)
Hash fb28328352481dbd958047a1eec4ae8b
6210f133470809e0d5f2e5e85312b2ed8c0f1f97
8e57a3a46151024344114e478b1a3c4d8af2a97e22696abfdbcfff2989ea1af7
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:10 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-5db"
expires: Tue, 17 Jan 2023 07:13:47 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5012993
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfead72b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 140860, version 1.0\012- data
Size 141 kB (140860 bytes)
Hash 6bfaf65a2c550ba5bfe4af17a108b036
f580547cca47791a9bc16d97d3b1a6d9ba7ff1ee
d872a3dcfd2d278eee0ed07ce8ceecff0c5ee30cef33aa92a1224bda28888dec
GET /af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 140860
etag: "bf19a0104a0de96dfd0edb2276eadec4d02bf248"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27036, version 1.0\012- data
Hash 4b420ce7adfa2d14176827c218589866
c1207ab86cedc1b975be5c32b9d4f795facf1c86
02e354581457b68fd0f38d82f91fc66da60f461348815a478ee777b8e59317f6
GET /af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27036
etag: "aeb323a44d7429e94b480beeda936a742b20393f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.21.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbf69efd1161ae68af7c62a9ed5aedda
e52470c459f19223c367a6b8f0139b6869babb97
027c3e30e700f7cadb699b50f16e55638f0c5b8e80a6bcd47b4f44924d808868
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "6388832c-4191"
expires: Tue, 31 Jan 2023 05:59:27 GMT
last-modified: Thu, 01 Dec 2022 10:34:20 GMT
vary: Accept
cf-cache-status: HIT
age: 4687851
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe015866b4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 121 kB URL HTTP/2 use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 121276, version 1.0\012- data
Size 121 kB (121276 bytes)
Hash 93a15a2450f801f4a3fe29b883366d36
3b1b4a1e3b64de56da974d3b2d40c1072d33d746
980203ee1e65591546aa6e163eea6f6e0bffdf15a4a8c442ac5ea6b4bbdd1be5
GET /af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 121276
etag: "db81c212189c4bd156df357725724066ea88d6f4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/flag-is.png
104.18.21.91200 OK 142 B URL HTTP/2 rizk.com/assets/img/flags/flag-is.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6d73273e182c35e4f0afd10e5409b46e
0d5a7ec0c80536576e3cfb14092dc96804771aef
d972ebf138951eb06a75652b04a37d1e00e588a620b215af0073ee258b360f8b
GET /assets/img/flags/flag-is.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 142
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=776
content-disposition: inline; filename="flag-is.webp"
etag: "63b6a805-308"
expires: Tue, 07 Mar 2023 21:06:33 GMT
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1751786
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe015868b4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 141220, version 1.0\012- data
Size 141 kB (141220 bytes)
Hash 9f122ab64b701b87597137ad1fa662b4
c4fee49ffd9edf8123742b60f0aa0a905f2e96b9
e1506e1413472be6886a35777303ede29d4a113f2dbc71af9806395e47de87e7
GET /af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 141220
etag: "9c467641a743d4e8fda4fd28f2eebdc227275260"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 25 kB URL HTTP/2 use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24944, version 1.0\012- data
Hash 4db1a622a8ec326f0b65e39dd2147c3c
6f554080b360e101d1c4c0872559a5770620eb99
125ac250cf3b6bf24697c353ee5db63ffd8eecef03ddf43ed1ade4450ae5d11e
GET /af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24944
etag: "b1fff3be18990092dac37cd165ff020dcdec4dcd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/Hjelpelinjen.png
104.18.21.91200 OK 26 kB URL HTTP/2 rizk.com/assets/img/footer/Hjelpelinjen.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2600acad4fa18b407caa42d12eceef0f
809b9de6ef5c469787ca4a199f737ec0e8d73db5
b5e78ae78e39f47d3acae58ce941aa17ec4620957654948039793460256d03f2
GET /assets/img/footer/Hjelpelinjen.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 25908
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61976
content-disposition: inline; filename="Hjelpelinjen.webp"
etag: "63d27455-f218"
expires: Wed, 29 Mar 2023 07:10:58 GMT
last-modified: Thu, 26 Jan 2023 12:38:45 GMT
vary: Accept
cf-cache-status: HIT
age: 16116
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe016875b4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/ecogra.png
104.18.21.91200 OK 28 kB URL HTTP/2 rizk.com/assets/img/footer/ecogra.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30ffda9881d8c1c2ccb46ff7b2ea50af
e19a29ba3abddb9beff5b09ef264ca81e9b41290
a972cf53714ef5e43e6bda7b67348f3680f9d3810841ac63a061a91ae2430b8d
GET /assets/img/footer/ecogra.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 27890
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=80752
content-disposition: inline; filename="ecogra.webp"
etag: "63bfd1ff-13b70"
expires: Mon, 13 Mar 2023 17:26:51 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 1573943
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe016876b4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.21.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f88b0da0473fbd507dcd1a759533af
36133c385d1c171958c5a5fc60ef1f5d12237e30
b75061abacce30de1bddabb464f7ca044dba230382cd1323f59079c8d0cdc260
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 30078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "639b02c9-f64c"
expires: Mon, 13 Feb 2023 19:41:30 GMT
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
vary: Accept
cf-cache-status: HIT
age: 3734062
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe016878b4f1-OSL
X-Firefox-Spdy: h2
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.21.91200 OK 27 kB URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.21.91:0
Hash 92fb2e8bff617d0e74bd186b740d6939
65e915fce8e1a0341d1c72ae5c03bad052e29e29
72cdcb7e8a95ccb2f0d00da96b35187cef1fe42bc134cdb399aa0d3fe7ddcef8
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfecd8eb4f1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 22:46:11 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos-colors8.png
104.18.21.91200 OK 59 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos-colors8.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe6a3d9473736b893ae03740c16c3028
a5e1f8814aa259b908c7fb8cb78b8fe95f5f5b87
053d5dc7fa0a82552a93b9a4de1be785a3a498efbb1064f0cf91522630870a5c
GET /assets/img/footer/footer-logos-colors8.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 59014
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=92815
content-disposition: inline; filename="footer-logos-colors8.webp"
etag: "63d27455-16a8f"
expires: Mon, 27 Mar 2023 12:40:09 GMT
last-modified: Thu, 26 Jan 2023 12:38:45 GMT
vary: Accept
cf-cache-status: HIT
age: 381951
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe016874b4f1-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.21.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.21.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 20 Oct 2022 08:06:56 GMT
etag: "635101a0-1c60"
expires: Tue, 20 Dec 2022 05:33:18 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5012613
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe01c8d2b4f1-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/android-icon-192x192.png
104.18.21.91200 OK 3.1 kB URL HTTP/2 rizk.com/assets/img/favicon/android-icon-192x192.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314c2b722ec91013441562d73c4d8fb3
f7dbb17a8708cb7801ae1e4d449389ec10e7dc81
baced404c8a57e0d0d4f17d00a2850352b98e90a343681b1fea15f263385c82a
GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 3082
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4135
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "63c9889b-1027"
expires: Mon, 20 Mar 2023 22:54:10 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 347591
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe020912b4f1-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/favicon-16x16.png
104.18.21.91200 OK 352 B URL HTTP/2 rizk.com/assets/img/favicon/favicon-16x16.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a53aaffe9a3246411deb3361d57d32
1d5249c888910c27a6125c0d92dd60d2377738c0
9ca4b1fb97777d6c5b3fbe165f2734e3b38525d586828c526ad7bfa91bab2238
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 352
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=571
content-disposition: inline; filename="favicon-16x16.webp"
etag: "63c9889b-23b"
expires: Mon, 27 Mar 2023 06:07:09 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 346127
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe020917b4f1-OSL
X-Firefox-Spdy: h2
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
54.230.245.117200 OK 27 kB URL HTTP/1.1 d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
IP 54.230.245.117:0
File type ASCII text, with very long lines (32806)
Hash fa979f12aafaca9dfc3c01fdb35f2c8a
b2e14da49f38a08294f14376d61dc9b011727f6b
88f23962aff99d99d3d6603b7cc1e6bea1bc37b56c49f1db68f62b19a51f15f5
GET /integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js HTTP/1.1
Host: d2yyd1h5u9mauk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 30 Jan 2023 22:44:54 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=120, public
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Request-Id: 8a3940fe95296a9bab70382cdf96d53e
X-Runtime: 0.057962
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wd0e3QW6p0njYJtrit8PRpzIyu9djq2sFQ1EVeqStSe1MQ56Ilmr_g==
Age: 77
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ac76de4cf388d2354bafbf6742323867
addb6da20838ab09fff190b1141cb0704b851cc3
c091eff2434fab97a511e903b0909e1381426c59bf335dc316951ed4ffd39835
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:11 GMT
Last-Modified: Mon, 30 Jan 2023 21:36:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675118785642
95.101.11.112200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675118785642
IP 95.101.11.112:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675118785642 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Mon, 30 Jan 2023 22:46:11 GMT
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.26.85200 OK 90 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.26.85:0
File type JSON data\012- , ASCII text, with very long lines (65396)
Hash db41ab89c8db5c138b3a7a1bec24f5d1
a0f00c6922ff7117f2f5b22de75a621dbc934845
99edeea1a3c2558b6ac241cc9bae59c2c8c8d2f925fe1b3dfd872cfc31953db4
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791dbe037a30b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/serviceWorker.js
104.18.21.91200 OK 762 B URL HTTP/2 rizk.com/serviceWorker.js
IP 104.18.21.91:0
Hash 64302eb72bff091f5b852937cff0de65
ae1e14d47a4ddb268f52892f95ed62efc750775b
e4be63db2de762c75498881a0ec53ab4e80de2aa85d0ae3c6cdae99ac88c7d97
GET /serviceWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/OneSignalSDKWorker.js
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:30 GMT
etag: W/"63d27446-4e5"
cf-cache-status: HIT
age: 6696
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe041b16b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
104.16.148.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
IP 104.16.148.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65222), with no line terminators
Hash 52edc17dd959eec04919e5f8f7366ebd
b0afc9516325109205e3b7a7656c990ac3ce23f7
f101a7d16badd7407e56c6ecdb70a97147abd8e652d9ec80164cb449f225f8d8
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/x-javascript
content-length: 17666
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Uu3BfdlZ7sBJGeX49zZuvQ==
last-modified: Thu, 11 Aug 2022 10:56:24 GMT
etag: 0x8DA7B8822255DC0
x-ms-request-id: a06e6807-601e-0142-288a-adb5a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 72654
expires: Tue, 31 Jan 2023 22:46:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe043ba7fab4-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 73518
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe046bdbfab4-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b48e97dc2f5267cb927615ef17b44fa9
cd05f89ca8d8e0b0f328eca58230499e39160d11
23beba8486f22fc11331d5605c704a08a26b704db8041f6316c8ea5bdb99ce02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:11 GMT
Last-Modified: Mon, 30 Jan 2023 21:26:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
104.16.148.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (51738)
Hash 3e961eb7fdc3f94310047addd52478f7
e653b0a0929096e9aaf34772f5839c6fc3f4da49
221064afa3bffb58aff4d7a036a9f5196c60ff0077e23453ca2aa7a1019be47a
GET /scripttemplates/6.39.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/json
content-length: 13981
content-encoding: gzip
content-md5: PpYet/3D+UMQBHrd1SR49w==
last-modified: Fri, 26 Aug 2022 16:30:58 GMT
etag: 0x8DA87805B3CBC97
x-ms-request-id: 8ef1e9a6-d01e-0150-2d8a-b981bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 64242
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe046be0fab4-OSL
X-Firefox-Spdy: h2
rizk.com/assets/js/mustache.b0b33cad.js
104.18.21.91200 OK 6.8 kB URL HTTP/2 rizk.com/assets/js/mustache.b0b33cad.js
IP 104.18.21.91:0
File type ASCII text, with very long lines (6027)
Hash 2bb3450008a0c3619ca86fae812c1416
4528de92ee2808744ea833aed4fc5fcc665e2c4a
ae9d7f1e53237a08d79827a507f4d70f1da933c21d434880d04d1c54ed3fe28d
GET /assets/js/mustache.b0b33cad.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Mon+Jan+30+2023+22%3A46%3A25+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-186c"
cf-cache-status: HIT
age: 3838
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe04ab93b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.148.64200 OK 4.9 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.148.64:0
Hash 5bd3cc178598d983b3d362550be6ccc5
ad96cd3d1f848a8bbb2b630055762d36035622fa
1f89ef597253d424bc522fcb2b2c30fd74dd1d01fe273171eef91cfc511d61ff
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72304
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe046be2fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
104.18.225.52200 OK 141 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
IP 104.18.225.52:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 141 kB (140582 bytes)
Hash fda8d572460246ad464181086cf9b957
a639c047c761c1166286ce471451359b388fb258
5fd93319267d360a30cdd9713722288b70c810b099e8c0bf4a443baa4fa58e80
GET /sdks/OneSignalSDKWorker.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3169
expires: Thu, 02 Feb 2023 22:46:11 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 791dbe04881bb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b4e773a5c215a1e17ea4d46650de48e6
3f0a7c4fda40d210b4be2faf12ba15049593f452
af6bd8ef4fca1b739b705980ada4045ef39eede15f0d84c13e7f9db7ac38ea23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AF6BD8EF4FCA1B739B705980ADA4045EF39EEDE15F0D84C13E7F9DB7AC38EA23"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1514
Expires: Mon, 30 Jan 2023 23:11:26 GMT
Date: Mon, 30 Jan 2023 22:46:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d980cf907bc8e57e309b1c59786f9318
b654c87c814a1162ef739e272c77f80fa856fee2
7d674f206f3d6657c0398201499e2be1db5a3696124f49471a34072dd781f402
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3192
Cache-Control: max-age=141953
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d7c3bd-117"
Expires: Wed, 01 Feb 2023 14:12:05 GMT
Last-Modified: Mon, 30 Jan 2023 13:18:53 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb5602fc6e47675f4981dccd26dda23f
d1184793bb8a7b987f22652ba69b5f4da70d60f8
8bd15ca82475d97a03cfe641a7ba01a751897ecf3ef7653acabb2d91d015edf5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4833
Cache-Control: max-age=166973
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d81f10-1d7"
Expires: Wed, 01 Feb 2023 21:09:05 GMT
Last-Modified: Mon, 30 Jan 2023 19:48:32 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b4e773a5c215a1e17ea4d46650de48e6
3f0a7c4fda40d210b4be2faf12ba15049593f452
af6bd8ef4fca1b739b705980ada4045ef39eede15f0d84c13e7f9db7ac38ea23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AF6BD8EF4FCA1B739B705980ADA4045EF39EEDE15F0D84C13E7F9DB7AC38EA23"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18962
Expires: Tue, 31 Jan 2023 04:02:14 GMT
Date: Mon, 30 Jan 2023 22:46:12 GMT
Connection: keep-alive
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64200 OK 15 kB URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33921), with no line terminators
Hash 3581a7922a9a028d129c0e6e95c1ea56
d0d8524388b763c0621743c612cf0a4111aa95a4
826c808034f990cfa22da776102d019f50babdd0721ece533abb44c1841ee4bb
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Fri, 27 Jan 2023 07:38:17 GMT
x-ms-request-id: b23dbcb2-c01e-0166-0fa4-322ce9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2253
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe04cc82b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.5.142302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.5.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 22:46:12 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Tue, 28 Feb 2023 22:46:12 GMT; domain=adform.net; path=/
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 50a816a51926b12abc7d4af90f28be23
0f114068ff58dccef302e2cbb6737de5a59b6c69
73f9988310705d435ff334e8e39ae56462958185c3a1e56d9c7a51d44e460d41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5305
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Last-Modified: Mon, 30 Jan 2023 21:17:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 9fac0f48aede4059968802dc1a770c5d
6e4e1597f350da2ad29e936626272b213231a132
c000366db3e6010d1c82c2e16ea4f830242c8ef6a361003d7a9953867f8d8242
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144174
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d7cad3-1d7"
Expires: Wed, 01 Feb 2023 14:49:06 GMT
Last-Modified: Mon, 30 Jan 2023 13:49:07 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y-hMYA8hBpFLFQISASdCZJqSQyN83C1decixB38vDfXxXjqSixxifw==
Age: 3599
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6537
Cache-Control: max-age=121909
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:38:01 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6311
Cache-Control: max-age=121683
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:34:15 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6537
Cache-Control: max-age=121909
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:38:01 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
95.101.10.113200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash d2e8fadea66d50de6764cc8815911655
5219f9385a355cddd3cf5893794e2e3c554ead1c
621097f07e85bf9c2eb4b75eea6664762dfc8e3bc3a7f464aa5055295b7cb80d
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: fk5Jnj3hjoEEJbw=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37261
date: Mon, 30 Jan 2023 22:46:12 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=649f5353-9a00-41f2-9130-56d866e64d62&u_sclid=932b676d-cc18-4a2f-ad34-9e350cae42e1
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=649f5353-9a00-41f2-9130-56d866e64d62&u_sclid=932b676d-cc18-4a2f-ad34-9e350cae42e1
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=649f5353-9a00-41f2-9130-56d866e64d62&u_sclid=932b676d-cc18-4a2f-ad34-9e350cae42e1 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
carma-scripts-cf.s3.amazonaws.com/roi.js
52.219.72.169200 OK 3.7 kB URL HTTP/1.1 carma-scripts-cf.s3.amazonaws.com/roi.js
IP 52.219.72.169:0
File type ASCII text, with CRLF line terminators
Hash 04cb6a245b3c82cab89108b117a879e4
7470d1ea561f19a331558ebc901eb3d214dfbea4
061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
GET /roi.js HTTP/1.1
Host: carma-scripts-cf.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3nlECoMZRPdAyKiKyPO1CMbjp8Mr5W3isr9ivvHS9+G9nhu8i2Rt27Z5ygXqkVMjHdt5/GhSW3A=
x-amz-request-id: W66BWGES647RDSRR
Date: Mon, 30 Jan 2023 22:46:13 GMT
Last-Modified: Mon, 15 Feb 2021 12:30:52 GMT
ETag: "04cb6a245b3c82cab89108b117a879e4"
x-amz-meta-sha256: 061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
x-amz-meta-s3b-last-modified: 20210215T122739Z
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 3737
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 552
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
access-control-allow-origin: https://rizk.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIRI9vHCQ4BcPbotulkPQQRpADipIkR15XzaPxZlhNmN1sz/puoZUMMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 6
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6311
Cache-Control: max-age=121683
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:12 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:34:15 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=641165&h=22&m=46&s=26&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&_id=544b8d784e0b5c74&_idn=1&_refts=1675118786&_ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&send_image=0&cookie=1&res=1280x1024&pv_id=nvzQHn&pf_net=0&pf_srv=102&pf_tfr=2&pf_dm1=573&pf_dm2=282&pf_onl=3
104.18.14.144204 No Content 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=641165&h=22&m=46&s=26&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&_id=544b8d784e0b5c74&_idn=1&_refts=1675118786&_ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&send_image=0&cookie=1&res=1280x1024&pv_id=nvzQHn&pf_net=0&pf_srv=102&pf_tfr=2&pf_dm1=573&pf_dm2=282&pf_onl=3
IP 104.18.14.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=641165&h=22&m=46&s=26&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&_id=544b8d784e0b5c74&_idn=1&_refts=1675118786&_ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&send_image=0&cookie=1&res=1280x1024&pv_id=nvzQHn&pf_net=0&pf_srv=102&pf_tfr=2&pf_dm1=573&pf_dm2=282&pf_onl=3 HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.19
access-control-allow-origin: https://rizk.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 791dbe072a320b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist/tracker.js
95.101.10.113200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XBhX6G_vFHJZXjFrYMKZqrKd15oO9jVyX56t1oi9HjCrK24o-5Hpdg==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 30 Jan 2023 22:46:12 GMT
content-length: 11553
cache-control: max-age=900, public
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
95.101.10.113200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XjvIAoKf7ObXYbk36HT8kMqZZVOL1XPW3FwOsaGjXOEKu9QsuI2EEw==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 30 Jan 2023 22:46:12 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: max-age=117965
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Etag: "63d75ff3-1d7"
Expires: Wed, 01 Feb 2023 07:32:18 GMT
Last-Modified: Mon, 30 Jan 2023 06:13:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 21:46:59 GMT
expires: Mon, 30 Jan 2023 23:46:59 GMT
cache-control: public, max-age=7200
age: 3554
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d4cd884ec88e9f5b1e5bde3675db4193
cb35f237e5f57654a1a506365c0553dcfa5b0fd1
86ab3974dc5ecbfbdab7d65a1ffd0a2b9aa7e8d177a39a048b1b0ddc0ca9ec53
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "86AB3974DC5ECBFBDAB7D65A1FFD0A2B9AA7E8D177A39A048B1B0DDC0CA9EC53"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2122
Expires: Mon, 30 Jan 2023 23:21:35 GMT
Date: Mon, 30 Jan 2023 22:46:13 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d4cd884ec88e9f5b1e5bde3675db4193
cb35f237e5f57654a1a506365c0553dcfa5b0fd1
86ab3974dc5ecbfbdab7d65a1ffd0a2b9aa7e8d177a39a048b1b0ddc0ca9ec53
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "86AB3974DC5ECBFBDAB7D65A1FFD0A2B9AA7E8D177A39A048B1B0DDC0CA9EC53"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2122
Expires: Mon, 30 Jan 2023 23:21:35 GMT
Date: Mon, 30 Jan 2023 22:46:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acdn.adnxs.com/dmp/up/pixie.js
151.101.1.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.1.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 30 Jan 2023 22:46:13 GMT
Age: 74105
X-Served-By: cache-lga21930-LGA, cache-bma1667-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 17170
X-Timer: S1675118773.103508,VS0,VE0
Vary: Accept-Encoding
static.hotjar.com/c/hotjar-661774.js?sv=7
54.230.111.113200 OK 5.3 kB URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 54.230.111.113:0
File type Unicode text, UTF-8 text, with very long lines (7534)
Hash 513d6aef74c5a458f1904f4314b22f9a
46e92412c3d6aa1d1c8724ec8d9915025a93fd8e
e8545b782593b1a39b5c640e7681e96f80b61d6747308a9be5409462610a5ad0
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 30 Jan 2023 22:45:52 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/370b69c28ebf9971423634c54abb7e57
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G-laxKTBG-umEXc9BuRpZLWbAz_74Nug1iEXQ180estTMu-nRbCnOQ==
age: 21
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 13ca8cf34579e9ddd8df7c66ab0acc85
baad9dc334cffb5812807e98e60ef2cccd8f73a3
a69d6592687b2d0c373e1022b3ead3341e8c05b65d344dad5b2bded790bd0b22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Last-Modified: Mon, 30 Jan 2023 21:03:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Q9fL5scNJNRtUbMIsYe/na7efVsLqzxoTqUyNq8dQefDFfuSCFVGHkU7ujJ+59DqfzFlAUZpxXcbDO221LvG6w==
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 22:46:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1813820768.1675118786>m=2oe1p0&aip=1&z=2073153760
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1813820768.1675118786>m=2oe1p0&aip=1&z=2073153760
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1813820768.1675118786>m=2oe1p0&aip=1&z=2073153760 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:46:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rizk.com/no/user/setOBtag
104.18.21.91200 OK 30 B URL HTTP/2 rizk.com/no/user/setOBtag
IP 104.18.21.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 610b7aa8be6ec2bc7548379d64500a86
4d47f0a2fabda6dfe10a10a079b7beccda4fb433
d081d11e6e9f4b0cd7c5acf277ed45779160b4678f7614ecaabc2697d9e0f97d
POST /no/user/setOBtag HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Mon+Jan+30+2023+22%3A46%3A25+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.1651559443.1675118786; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1675118786%2C%22http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F%22%5D; _pk_id.1.dd63=544b8d784e0b5c74.1675118786.; _pk_ses.1.dd63=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: application/json
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe076e59b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=939468669&_gaz=1&cid=1813820768.1675118786&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118786&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=939468669&_gaz=1&cid=1813820768.1675118786&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118786&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=939468669&_gaz=1&cid=1813820768.1675118786&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675118786&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Mon, 30 Jan 2023 22:46:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
18.198.46.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 18.198.46.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 30 Jan 2023 22:46:13 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=4b4eab09-a8d6-45b2-9e87-be9dd44e83f4; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
18.198.46.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
IP 18.198.46.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 30 Jan 2023 22:46:13 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
Set-Cookie: zuuid=85e8ec3e-cbc7-4247-bad5-7c0d533503a9; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: max-age=117965
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Etag: "63d75ff3-1d7"
Expires: Wed, 01 Feb 2023 07:32:18 GMT
Last-Modified: Mon, 30 Jan 2023 06:13:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
18.198.46.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 18.198.46.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=85e8ec3e-cbc7-4247-bad5-7c0d533503a9; c=1675118773; zuuid_lu=1675118773
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 30 Jan 2023 22:46:13 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
Set-Cookie: zuuid=85e8ec3e-cbc7-4247-bad5-7c0d533503a9; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
18.198.46.54200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
IP 18.198.46.54:0
File type ASCII text, with very long lines (1527), with no line terminators
Hash 498063de89954fc615b057515dd18167
bcd7005016fb7a07b7c3fe5c4d8463d6c58dadfc
cc10d7df701a7b15c14670a0f83806cecf98781e4ef26e3025f55acc79295245
GET /ul_cb/pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=85e8ec3e-cbc7-4247-bad5-7c0d533503a9; c=1675118773; zuuid_lu=1675118773
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 30 Jan 2023 22:46:13 GMT
Set-Cookie: zuuid=85e8ec3e-cbc7-4247-bad5-7c0d533503a9; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,444447973; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,444375973; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
54.230.111.75200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 54.230.111.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FDE1G6YdgFyA7nNDBa6KdKTc4qhwmJigEBW90UXKZgPrRSntmMCP2w==
age: 24007
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.4b160a4831adaf5337e6.js
54.230.111.73200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.4b160a4831adaf5337e6.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 3315b6999637291711ab85ba678211fa
d1bba723aa49e6276dfdb0f1313a9bf0b64be153
b3bd4f702044ae91c9227ce2d5c8411d3fec3abb82c9c1b7a9b69d2011c520e5
GET /modules.4b160a4831adaf5337e6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68316
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3315b6999637291711ab85ba678211fa"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2zWahvNo7_ujmk8wdD64aiksmptchL0Y8i0WtOFbGg1vjxbWvhenLw==
age: 24007
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
54.230.111.4200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 54.230.111.4:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 30 Jan 2023 21:50:35 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rfX4gCLTCHuVGMuC-YEbDFZibh5z8-uFzdxKQDT7KPo3sae-6dN-gQ==
age: 3339
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.241200 OK 567 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.241:0
File type ASCII text, with very long lines (424), with CRLF line terminators
Hash a39217c922fe46593cef33291d7c9edb
efc9b75ee3eddcef1784b51d86f570f2bfcdfb91
88b994c879d19a65e0bf74db995921902f8a2f42deb02d629b552732719ea638
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: text/javascript; charset=utf-8
content-length: 567
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 28-Feb-2023 22:46:13 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675118787137&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&st=1675118787137&et=1675118787137&if=0
185.89.211.132200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675118787137&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&st=1675118787137&et=1675118787137&if=0
IP 185.89.211.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675118787137&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&st=1675118787137&et=1675118787137&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=356434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791dbe0d6e750b06-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=356434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791dbe0d6c0fb4f1-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=356434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791dbe0d6cdf0b69-OSL
cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.171.188200 OK 32 kB URL HTTP/2 cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.171.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash e007d8f06b723f559d58114aeaf44470
db22fa937dc4b9af562b0b1f1789c799a854d903
f5a625458f28624ef76b63eada8b82e8a5747f6e0a224228f148d2ce3f9bb02d
GET /resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: text/html
content-md5: qRcQewUQpBCpHWX0csvwPQ==
last-modified: Thu, 10 Sep 2020 09:09:07 GMT
x-ms-request-id: ff32aea2-d01e-005f-750f-2aa63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 388
vary: Accept-Encoding
server: cloudflare
cf-ray: 791dbe074d7d1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=2ad12ba9-2a5f-40da-90cb-c1086c13a0af; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=f07d02d7-8216-4ee2-bc53-21438529cceb; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2323842725590611659
37.157.6.241200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2323842725590611659
IP 37.157.6.241:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=188497772483&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2323842725590611659 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.120.119.58200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.120.119.58:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=53c7ea7a-9071-45fd-8d46-fa36039dc680 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
3.120.119.58200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9
IP 3.120.119.58:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D85e8ec3e-cbc7-4247-bad5-7c0d533503a9 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b94af900c6c15c251e926a2caa157e7e
097b39f420672fef541d9108f28fefa8344c1f94
4613440622029d926058597f19d95380a01b107fb731da2ecb9082f1de9348d9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 22:46:13 GMT
Last-Modified: Mon, 30 Jan 2023 22:20:17 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aQtzkKS3QmnwZJiiAnBZkzi9fbDTr9Nx6VKYO-Yw9E8yjHGfcCJKFA==
Age: 1556
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&if=false&ts=1675118787488&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118787487.980937202&it=1675118787196&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&if=false&ts=1675118787488&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118787487.980937202&it=1675118787196&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F&if=false&ts=1675118787488&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675118787487.980937202&it=1675118787196&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:46:13 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=356434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791dbe0d6f700b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=356434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791dbe0d6c8ab523-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1c2f9ec8-9a05-4bf3-b307-38f1993edffc; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675118773; path=/; expires=Tue, 30-Jan-2024 22:46:13 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=396ea085-1d41-455b-b358-76bf5de54418
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=396ea085-1d41-455b-b358-76bf5de54418
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=396ea085-1d41-455b-b358-76bf5de54418 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47
3.120.119.58302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47
IP 3.120.119.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&cb=b1d223e0-09d2-46a4-98f0-7375c0c04b47 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:13 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f90d6763b441d6c21e0390f9702b2604
f35fb1ab8ef86ee332c662940f47d2aa89e809bf
8cd8dc48a477354413f1e9bfbac802f9ef7b12dd07cc8a1efcb431643cf2f114
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112101
Date: Mon, 30 Jan 2023 22:46:13 GMT
Etag: "63d74ef8-1d7"
Expires: Wed, 01 Feb 2023 05:54:34 GMT
Last-Modified: Mon, 30 Jan 2023 05:00:40 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: droWUSv4adtC0ns90TPs9NvH7vCYZ_P3iWJ13aF5MfbLZQDX-lAKKg==
Age: 3234
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0ce64bca477131b5aac4e3b7a26b51b3
e7e7b5118a90b086f78f90dbbad902abd7e7b7e6
d96c139ed644300929adf8a3f0dfda9ef2716515d8d9bb950619c10022a8239b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 22:46:13 GMT
Last-Modified: Mon, 30 Jan 2023 21:53:25 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tdBNnms8ex_kgpksA81xGMSFuwdL1JwipjqIPESrNGm9lWKhG4ONtQ==
Age: 3169
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f90d6763b441d6c21e0390f9702b2604
f35fb1ab8ef86ee332c662940f47d2aa89e809bf
8cd8dc48a477354413f1e9bfbac802f9ef7b12dd07cc8a1efcb431643cf2f114
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112068
Date: Mon, 30 Jan 2023 22:46:13 GMT
Etag: "63d74ef8-1d7"
Expires: Wed, 01 Feb 2023 05:54:01 GMT
Last-Modified: Mon, 30 Jan 2023 05:00:40 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YWj3ABAyoa5a9JqYVWlA7If1H24B8qppKCjQlXW9J4qu2Q8pv5skPA==
Age: 3201
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f90d6763b441d6c21e0390f9702b2604
f35fb1ab8ef86ee332c662940f47d2aa89e809bf
8cd8dc48a477354413f1e9bfbac802f9ef7b12dd07cc8a1efcb431643cf2f114
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112107
Date: Mon, 30 Jan 2023 22:46:13 GMT
Etag: "63d74ef8-1d7"
Expires: Wed, 01 Feb 2023 05:54:40 GMT
Last-Modified: Mon, 30 Jan 2023 05:00:40 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G6KEitQss_kDes7XNDqlZj-s-wQCsDuAKcnCH6XCzakkSBY0UwNGCw==
Age: 3240
pixel.quantserve.com/pixel;r=340642375;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-369678448-1675118787230;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675118787471;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=c785f62d-0a00-4320-a828-50585b525a8c
91.228.74.206200 OK 0 B URL HTTP/2 pixel.quantserve.com/pixel;r=340642375;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-369678448-1675118787230;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675118787471;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=c785f62d-0a00-4320-a828-50585b525a8c
IP 91.228.74.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel;r=340642375;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-369678448-1675118787230;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675118787471;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=c785f62d-0a00-4320-a828-50585b525a8c HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EIUBBgGWKAISAbaCqA2e6bRu; expires=Sun, 30-Apr-2023 22:46:13 GMT; path=/; domain=.quantserve.com
mc=63d848b5-81793-e1aa2-82ea2; expires=Fri, 01-Mar-2024 22:46:13 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.195.181.132204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.195.181.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 22:46:13 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.195.181.132204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.195.181.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=85e8ec3e-cbc7-4247-bad5-7c0d533503a9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 22:46:13 GMT
X-Firefox-Spdy: h2
ws44.hotjar.com/api/v2/client/ws
52.18.144.66101 Switching Protocols 0 B URL HTTP/1.1 ws44.hotjar.com/api/v2/client/ws
IP 52.18.144.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws44.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rizk.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OJIcM7IgFuF2bDb+Vmfu1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 30 Jan 2023 22:46:13 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aSbr5ntYeL6vy2lPBbK/OHVHpXE=
Sec-WebSocket-Extensions: permessage-deflate
content.hotjar.io/
99.81.230.163200 OK 56 B IP 99.81.230.163:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d4eedf1907b758b6588a515c07f219c
ddb52e78e8c65d23a5bddda7cf05e920686986b1
8f941552a228283e784d1603002d9941ba95723110769c10798eec0fa5174956
POST / HTTP/1.1
Host: content.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 248488
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: application/json
content-length: 56
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Mon+Jan+30+2023+22%3A46%3A25+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.1651559443.1675118786; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1675118786%2C%22http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F%22%5D; _pk_id.1.dd63=544b8d784e0b5c74.1675118786.; _pk_ses.1.dd63=1; _scid=92640f7e-ab59-4aaf-a070-29efd0d50b0d; _ga_0WVZ21C8XH=GS1.1.1675118786.1.0.1675118786.60.0.0; _ga=GA1.1.1813820768.1675118786; _sp_srt_ses.1633=*; _sp_srt_id.1633=5897b7d2-825e-44ce-918a-bd91be71304b.1675118787.1.1675118787.1675118787.3eb04c20-e452-4ef1-9c57-38b87f6c35c6; _gid=GA1.2.350807936.1675118787; _hjSessionUser_661774=eyJpZCI6IjI0ZGI5OGVmLTkxZjMtNTk0Ny04Zjg3LWQ3NGRiZDAxMWE5YiIsImNyZWF0ZWQiOjE2NzUxMTg3ODczMzksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_661774=eyJpZCI6ImQ2NGZjMWZhLWEyM2QtNDU2My1iNjcyLWJkNDBhNGIxN2NhNCIsImNyZWF0ZWQiOjE2NzUxMTg3ODczNTMsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; adformfrpid=2323842725590611659; _fbp=fb.1.1675118787487.980937202; __qca=P0-369678448-1675118787230
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 26 Jan 2023 12:38:29 GMT
If-None-Match: W/"63d27445-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 30 Jan 2023 22:46:14 GMT
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: "63d27445-56"
cf-cache-status: HIT
age: 3887
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe130a0fb4f1-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b48e97dc2f5267cb927615ef17b44fa9
cd05f89ca8d8e0b0f328eca58230499e39160d11
23beba8486f22fc11331d5605c704a08a26b704db8041f6316c8ea5bdb99ce02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6511
Cache-Control: max-age=125854
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:14 GMT
Etag: "63d777e5-117"
Expires: Wed, 01 Feb 2023 09:43:48 GMT
Last-Modified: Mon, 30 Jan 2023 07:55:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b48e97dc2f5267cb927615ef17b44fa9
cd05f89ca8d8e0b0f328eca58230499e39160d11
23beba8486f22fc11331d5605c704a08a26b704db8041f6316c8ea5bdb99ce02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:46:14 GMT
Last-Modified: Mon, 30 Jan 2023 21:26:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b8edbb541668f634636dc44f1559b50
0a2322b18a1cc6ca4710fce7b6d8f28263ca6064
2765a746ef8f589399e2588727364fbea9c9710327f61c979371765def1e9694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6893
x-amzn-requestid: 02212aa9-354a-4bad-9527-137b8d87115a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3jkHL9oAMFZAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c7d-27bd90b622159be117d43a21;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _ANr_OX05FwLjw68wKrj7y34-R-daqoh7b1SO4AGqe-fzSrVaDpEiA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:11:08 GMT
age: 2109
etag: "0a2322b18a1cc6ca4710fce7b6d8f28263ca6064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.21.91:0
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-cdb"
expires: Tue, 17 Jan 2023 07:13:49 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5010715
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfead75b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.21.91:0
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Oct 2022 08:50:04 GMT
etag: W/"633e96bc-789"
expires: Tue, 06 Dec 2022 01:38:03 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5007585
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfecd8ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.12.64200 OK 0 B URL HTTP/2 c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.12.64:0
GET /scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: text/html
cache-control: public,max-age=3600
content-md5: ECKsFMGYt00AJi96pRIpJw==
last-modified: Mon, 28 Mar 2022 11:38:52 GMT
x-ms-request-id: 892675fa-901e-0070-5c0b-e554d1000000
x-ms-version: 2011-08-18
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1938
vary: Accept-Encoding
server: cloudflare
cf-ray: 791dbe078ae9b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:14 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3191
expires: Thu, 02 Feb 2023 22:46:14 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 791dbe133ba7b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.21.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675118770
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
etag: W/"639b02c9-1c73"
expires: Sat, 18 Feb 2023 04:38:06 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 1022170
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe01687ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.a59bec0c.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/scripts.a59bec0c.js
IP 104.18.21.91:0
GET /assets/js/scripts.a59bec0c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-654b4"
cf-cache-status: HIT
age: 5921
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfedd9cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3188
expires: Thu, 02 Feb 2023 22:46:11 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 791dbe044fd8b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
IP 35.190.43.134:0
GET /config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
access-control-allow-origin: https://rizk.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
IP 104.18.225.52:0
GET /sdks/OneSignalSDKWorker.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:14 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3172
expires: Thu, 02 Feb 2023 22:46:14 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 791dbe133b9fb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
37.157.5.142200 OK 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
IP 37.157.5.142:0
GET /serving/cookie/match?CC=1&party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rizk.com/assets/js/base.66506201.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.66506201.js
IP 104.18.21.91:0
GET /assets/js/base.66506201.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-7ba24"
cf-cache-status: HIT
age: 6130
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfedd9ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
104.18.21.91200 OK 0 B URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
IP 104.18.21.91:0
GET /no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: image/webp
content-length: 76412
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=164109
content-disposition: inline; filename="rizk-casino-mobile.webp"
etag: "568c79fd-2810d"
expires: Sat, 14 Jan 2023 20:04:05 GMT
last-modified: Wed, 06 Jan 2016 02:20:45 GMT
vary: Accept
cf-cache-status: HIT
age: 3733771
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfeedb4b4f1-OSL
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.125.175:0
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GR2DN37AQWVT7EWWPDFD90JV-ams
cf-cache-status: HIT
age: 94
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbdffeec9b50b-OSL
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.16200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.16:0
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Mon, 30 Jan 2023 22:46:11 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ekFZjFayZ1oQ0cwpXOJZxlwJ7vmlp7PmH-oyvNo7nt44EpY5nGI0-g==
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.206200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.206:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "j4o3/UzQJzEULY/aoGayAw=="
expires: Mon, 06 Feb 2023 22:46:13 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
34.242.42.170200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
IP 34.242.42.170:0
POST /api/v2/client/sites/661774/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:13 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
104.18.21.91301 Moved Permanently 0 B URL HTTP/2 rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
IP 104.18.21.91:0
GET /no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iuyuyt.3bb94.ij.wy5532.com/
Connection: keep-alive
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 30 Jan 2023 22:46:10 GMT
content-type: text/html; charset=UTF-8
location: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; path=/; secure; HttpOnly
btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; expires=Mon, 13-Feb-2023 22:46:10 GMT; Max-Age=1209600; path=/; secure
Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; expires=Wed, 01-Mar-2023 22:46:10 GMT; Max-Age=2592000; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfd2bbeb4f1-OSL
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: W/"63d27445-56"
cf-cache-status: HIT
age: 3884
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbe03aa8cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
matomo.rizk-dev.com/matomo.js
104.18.14.144200 OK 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.14.144:0
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Tue, 31 Jan 2023 02:46:12 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 941
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 791dbe06e9f70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rizk.com/assets/js/runtime.ab229b8c.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.ab229b8c.js
IP 104.18.21.91:0
GET /assets/js/runtime.ab229b8c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=_mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=eq4sd84kpb13m8krhkpp9o95b9; btag=a_10689784b_c__mmJ5G44B7edOauPNimNT2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2Fiuyuyt.3bb94.ij.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-8fc"
cf-cache-status: HIT
age: 1412
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 791dbdfecd97b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/yett@0.2.3/dist/yett.min.modern.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/yett@0.2.3/dist/yett.min.modern.js
IP 104.16.125.175:0
GET /yett@0.2.3/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:11 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106a-F1kN/vqWtSduU82KJoxqMaLlX70"
via: 1.1 fly.io
fly-request-id: 01G53T04M04VGHTCMPW9JKYWMZ-fra
cf-cache-status: HIT
age: 20354686
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791dbe000efdb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.171.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.171.188:0
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:46:12 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 172
vary: Accept-Encoding
server: cloudflare
cf-ray: 791dbe072d681c16-OSL
content-encoding: br
X-Firefox-Spdy: h2