urlquery - report: telefonica.site/ph/spin/globe/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.pki.goog (5)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.3
fonts.gstatic.com (5)	0	2014-09-09 00:40:21 UTC	2022-11-26 10:10:14 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.89.217.163
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
r3.o.lencr.org (6)	344	No data	No data	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-26 05:33:16 UTC	34.117.237.239
my.rtmark.net (1)	9054	2017-08-22 14:11:49 UTC	2022-11-26 05:56:01 UTC	139.45.195.8
voices-kerence.com (1)	0	2020-04-20 12:32:36 UTC	2022-11-26 10:05:20 UTC	18.193.209.105	Unknown ranking
rbn-bc-7s.lptrak.com (1)	0	No data	No data	23.36.79.43	Unknown ranking
rbnwc.lpmediastorage.com (15)	0	2022-11-18 12:30:24 UTC	2022-11-26 08:12:29 UTC	104.18.36.105	Domain (lpmediastorage.com) ranked at: 936145
whampamp.com (3)	30947	2022-03-12 13:52:24 UTC	2022-11-26 06:03:25 UTC	139.45.197.236
joxi.imgsrcdata.com (38)	0	2018-04-18 09:14:20 UTC	2022-11-26 08:33:17 UTC	104.16.151.45	Unknown ranking
telefonica.site (1)	0	2019-08-24 03:11:01 UTC	2022-11-26 06:01:04 UTC	79.98.24.35	Unknown ranking
ocsp.digicert.com (10)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-26 05:33:20 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
rabona.com (29)	470859	2016-07-06 07:41:41 UTC	2022-11-26 09:00:25 UTC	45.8.106.46
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-11-26 07:22:52 UTC	142.250.74.10

Scan Date	Severity	Indicator	Comment
2022-11-26	2	whampamp.com	Sinkholed
2022-11-26	2	whampamp.com	Sinkholed
2022-11-26	2	whampamp.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-12-07 22:15:19 +0000	0 - 0 - 1	media5.site/	79.98.24.35
2022-12-07 07:15:25 +0000	0 - 0 - 1	media5.site/	79.98.24.35
2022-12-05 09:29:20 +0000	0 - 0 - 3	media5.site/bg/fortune/vivacom/	79.98.24.35
2022-12-05 05:45:30 +0000	0 - 0 - 2	media5.site/ph/env/globe/	79.98.24.35
2022-12-05 05:45:17 +0000	0 - 0 - 2	media5.site/ph/env/globe	79.98.24.35

Date	UQ / IDS / BL	URL	IP
2023-01-31 07:25:24 +0000	0 - 0 - 1	joingrupwa.com/	185.5.54.98
2023-01-31 05:01:54 +0000	0 - 0 - 4	tele10.site/m/th/ppt3/	79.98.29.29
2023-01-31 03:39:30 +0000	0 - 12 - 0	archsia.com.tr/	62.77.153.148
2023-01-31 02:57:19 +0000	0 - 6 - 3	tele-phones.site/th/bx/true/	79.98.29.30
2023-01-31 01:59:17 +0000	0 - 8 - 3	tele-phones.site/my/bx/maxis/	79.98.29.30

Date	UQ / IDS / BL	URL	IP
2022-12-04 12:58:57 +0000	0 - 0 - 3	telefonica.site/ph/bx/globe/	79.98.24.35
2022-12-04 12:58:56 +0000	0 - 0 - 4	telefonica.site/ph/bx/globe	79.98.24.35
2022-12-04 11:59:34 +0000	0 - 0 - 2	telefonica.site/dz/bx/nl/?key=eyJ0aW1lc3RhbXA (...)	79.98.24.35
2022-12-04 11:59:33 +0000	0 - 0 - 2	telefonica.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAi (...)	79.98.24.35
2022-12-04 10:58:48 +0000	0 - 0 - 2	telefonica.site/bd/fortune/nl/?key=eyJ0aW1lc3 (...)	79.98.24.35

Date	UQ / IDS / BL	URL	IP
2022-12-10 10:21:57 +0000	0 - 0 - 1	rouonixon.com/4/3714661/	139.45.197.238
2022-12-05 07:44:15 +0000	0 - 0 - 2	ak.phumpauk.com/4/5108254	95.101.10.65
2022-12-02 04:32:04 +0000	0 - 0 - 2	nicevids.ru/?cnv_id=97f65oj374ka3dzd38	104.21.10.39
2022-11-26 12:27:21 +0000	0 - 0 - 2	inoradde.com/4326573/	139.45.197.238
2022-11-26 09:10:25 +0000	0 - 0 - 2	trk.ago-gave-collect-jet.run/gg/adr?to=becrus (...)	172.67.191.58

Request	Response
GET /ph/spin/globe/ HTTP/1.1 Host: telefonica.site User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: telefonica.site/ph/spin/globe/ FQDN: telefonica.site IP: 79.98.24.35 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 79.98.24.35 HTTP/1.1 302 Found Content-Type: text/html Date: Sat, 26 Nov 2022 16:01:08 GMT Server: Apache Connection: Upgrade, Keep-Alive Location: //whampamp.com/4/5087048?var=ed2 Keep-Alive: timeout=2, max=100 Transfer-Encoding: chunked --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3969 Expires: Sat, 26 Nov 2022 17:07:18 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3654 Cache-Control: max-age=156653 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 11:32:02 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13966 Expires: Sat, 26 Nov 2022 19:53:55 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 15:17:32 GMT cache-control: public,max-age=3600 age: 2617 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: YCFzlBdPi2tzWkDcl/iDjiXxU+0KlNVShGa2L6/Mc7mYNhTjHb7SaLwRC7idHe82sIW7keLlb9w= x-amz-request-id: H2AD2N7Q4R1MSE4G content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 15:44:17 GMT age: 1012 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /4/5087048?var=ed2 HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: whampamp.com/4/5087048?var=ed2 FQDN: whampamp.com IP: 139.45.197.236 HASH: 4677fe602c2c5e5e9082b82753f43d34c553b5edc083439f44e69e1521b04649 139.45.197.236 HTTP/1.1 200 OK Content-Type: text/html; charset=utf8 Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: f91a99e94bac4d519d31f285cf7c8331 Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Timing-Allow-Origin: * Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT Pragma: no-cache, no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT Access-Control-Allow-Origin: , Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406) Size: 2954 Md5: 21c43bc930326f775e89bdc25c2cbe7d Sha1: 6650d4627e69070b7b0fb37482465ac378628ca3 Sha256: 4677fe602c2c5e5e9082b82753f43d34c553b5edc083439f44e69e1521b04649 Alerts: Blocklists: - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5914 Expires: Sat, 26 Nov 2022 17:39:43 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /favicon.ico HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://whampamp.com/4/5087048?var=ed2 Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469	URL: whampamp.com/favicon.ico FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 204 No Content Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive Expires: Thu, 31 Dec 2037 23:55:55 GMT Pragma: public Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /img.gif?f=merge&userId=2be49b473d934e2ca2331e348e2f5bc3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://whampamp.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=merge&userId=2be49b473d934e2ca2 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 462 Origin: http://whampamp.com Connection: keep-alive Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469 Upgrade-Insecure-Requests: 1	URL: whampamp.com/?z=5087048&syncedCookie=true&rhd=false FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 302 Found Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Content-Length: 0 Connection: keep-alive X-Trace-Id: f8c99511d87f8a97f84bb364f8282133 Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" Referrer-Policy: no-referrer Location: https://voices-kerence.com/26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 Access-Control-Allow-Origin: http://whampamp.com Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=true; expires=Sat, 03 Dec 2022 16:01:09 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 HTTP/1.1 Host: voices-kerence.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: voices-kerence.com/26df10eb-34ec-4879-9dd6-7903ddd1b3d9 (...) FQDN: voices-kerence.com IP: 18.193.209.105 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.193.209.105 HTTP/2 302 Found server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek pragma: no-cache set-cookie: 26df10eb-34ec-4879-9dd6-7903ddd1b3d9-v4=Z0SIQTFWaBohKVuzUYwRdMylwkiUyYMBGkafDc739WM; Max-Age=86400; Expires=Sun, 27-Nov-2022 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=1SyTkkDVtvYWB0xa5fI%2FHjgByJVvfzYZtKifrV5Ffe0nF2SFM3G1TvUErv6%2FhAXTRDT8zU57vj9AecfMgT7hRAyTlqu6Ez8X54Tg1%2BQxXsZ3y2DLMe19%2FwUzqjcpFrhRsZVV71%2FM121f2KKdki8Kdg%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 15:08:54 GMT cache-control: public,max-age=3600 age: 3135 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2779 Cache-Control: max-age=150721 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 09:53:10 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
GET /redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek HTTP/1.1 Host: rbn-bc-7s.lptrak.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=168 (...) FQDN: rbn-bc-7s.lptrak.com IP: 23.36.79.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.36.79.43 HTTP/2 307 Temporary Redirect content-type: text/html content-length: 0 location: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies" x-aspnet-version: 4.0.30319 request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0 access-control-expose-headers: Request-Context expires: Sat, 26 Nov 2022 16:01:09 GMT cache-control: max-age=0, no-cache, no-store pragma: no-cache date: Sat, 26 Nov 2022 16:01:09 GMT set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1360468%2c%22BID%22%3a9057%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669478469869)%5c%2f%22%2c%22CookieTag%22%3a%2290571360468451240919C20221126161%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22546355988%7c1%22%7d%5d; domain=.lptrak.com; expires=Mon, 26-Nov-3021 16:01:09 GMT; path=/; secure; SameSite=Strict server-timing: edge; dur=1, origin; dur=67, cdn-cache; desc=MISS X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fd29e72dee9ebcacd25e134c4f1c2802ec7c947b827165fc29a6c0918e0ad3a6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5872 Cache-Control: max-age=88669 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6380d8b2-116" Expires: Sun, 27 Nov 2022 16:38:58 GMT Last-Modified: Fri, 25 Nov 2022 15:01:06 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: b6814ea835552da5e0cbca50d3caadef Sha1: 0a489f669694c5e3912a244cf8d491cef7d4a997 Sha256: fd29e72dee9ebcacd25e134c4f1c2802ec7c947b827165fc29a6c0918e0ad3a6
GET /lang.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/lang.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 4d904aa1225bc7f740fae13ef7b08d577a081eecf5b1619e96e91234bbfeea54 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-bb6" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d56b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2998), with no line terminators Size: 2035 Md5: a938bd4c1d665f7c53c4f92e6f5d6c36 Sha1: 53e5fb03642b6df7d16ddb3ab1cea67aa01ab3d1 Sha256: 4d904aa1225bc7f740fae13ef7b08d577a081eecf5b1619e96e91234bbfeea54
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: C6Lf1lHjjCLE6uqpryWlNQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.89.217.163 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.89.217.163 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: SwYPX8A1YKsvjcBTBQQuFj1l/+Q= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /942.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/942.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: bf83690f77e26ddbe0fac7bd4de5dee044f3df51067050ad0cea6fe6ca907cd6 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=424564 etag: W/"637dd7ff-67a74" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d60b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 139162 Md5: 4ffc71a18fb31896e715b05afdb38363 Sha1: 51bc8a91972df725c94dcf4b3051c719a8714035 Sha256: bf83690f77e26ddbe0fac7bd4de5dee044f3df51067050ad0cea6fe6ca907cd6
GET /app.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/app.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-d07c" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d63b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (53372), with no line terminators Size: 12945 Md5: 941d8618300f1675eef76913e2239e83 Sha1: fceb07ed63651200a717b35f8bbd9d368a9f5f66 Sha256: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0f0bbf4aa40b597c538daa3882b86a4608379e8f813f569accfda566ba956577 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6135 Cache-Control: max-age=171714 Date: Sat, 26 Nov 2022 16:01:10 GMT Etag: "63821c11-118" Expires: Mon, 28 Nov 2022 15:43:04 GMT Last-Modified: Sat, 26 Nov 2022 14:00:49 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 9a414ea815fd2afd8aec0b164f9bc4be Sha1: 47774ebd7acc4f2074560a12ea0b63a4e8a4a9e9 Sha256: 0f0bbf4aa40b597c538daa3882b86a4608379e8f813f569accfda566ba956577
GET /492.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/492.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-37ac" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d4eb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (14252), with no line terminators Size: 5249 Md5: 5c36e7e78a56d7908b8d5fbe696753e4 Sha1: 9b046db3f1adbd789c60886ab0c699b239821b8c Sha256: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: ea2bde9f9a3768859d584c6b948ae9d1f4e492382e496c564abf95ba3018e6a7 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 31170 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=34923 content-disposition: inline; filename="prize_champions-league_2x.webp" etag: "6357d318-886b" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bbdb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31170 Md5: 2b5870e66cb3abbeccbe7db8021297b1 Sha1: a0ff1ad6f14af2ea2fd45dfe221c366b0d8d7775 Sha256: ea2bde9f9a3768859d584c6b948ae9d1f4e492382e496c564abf95ba3018e6a7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 24224 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=26094 content-disposition: inline; filename="prize_holidays_2x.webp" etag: "6357d318-65ee" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 699084 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bbeb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 24224 Md5: 208c02c90f77e71efcb51f01ded20311 Sha1: 93e27e93b19fc20415294b4e91c6a6969833a3f7 Sha256: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94
GET /index.1669191633059.css HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/index.1669191633059.css FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 45f262ab4c96ca29e5efd61af073853e4e2b58ef293050b6071f8029f7b66e15 104.18.36.105 HTTP/2 200 OK content-type: text/css date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=25491 etag: W/"637dd7ff-6393" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7563d64b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25477), with no line terminators Size: 181740 Md5: 0b3ea2195ebe32709f5fbd5636e0167b Sha1: 898504d00f39d3449fe2a06f826d314eb47a8b77 Sha256: 45f262ab4c96ca29e5efd61af073853e4e2b58ef293050b6071f8029f7b66e15
GET /sprite.1669191633059.css HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/sprite.1669191633059.css FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a 104.18.36.105 HTTP/2 200 OK content-type: text/css date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=5063 etag: W/"637dd7ff-13c7" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7563d67b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (5055), with no line terminators Size: 17797 Md5: c01f6cca26faabaee983e374feb11a60 Sha1: 658004d57306f2e77b37593dbcfcc081dd58cf1d Sha256: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a
GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-steps.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 27ccfda9e1fc590b8630c0d3e1f432da93c82ede9378fe2530ba1cce84d1e63f 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 218568 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=246593 content-disposition: inline; filename="decor_under-steps.webp" etag: "6357d318-3c341" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bc9b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 218568 Md5: 5a40cfa500a5735b69c40699ac055899 Sha1: 7a832ee76d32993579f067b12354f4913e4b2998 Sha256: 27ccfda9e1fc590b8630c0d3e1f432da93c82ede9378fe2530ba1cce84d1e63f
GET /landings/rabona/web_components/decor/world-cup-landing/decor_shape-under-prizes.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: W/"6357d318-412" access-control-allow-origin: * cf-cache-status: HIT age: 703836 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7594bb2b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 29464 Md5: 64bdb9cd99d14d35c3bee7672d4a1c78 Sha1: d0b9b1e43203a5f7ceabb2e37eaec5b92e6f7e29 Sha256: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209
GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/bg/w (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 143a981873ee828840e10ed944af31149a0f72a76e7dbaceda6ab67dab5dbfa0 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 363844 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=387867 content-disposition: inline; filename="offer_bg.webp" etag: "6357d31d-5eb1b" last-modified: Tue, 25 Oct 2022 12:14:21 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7596bcbb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 363844 Md5: 2f40d7ff017e57aebb72a41a54069669 Sha1: 85eb63ee1c8447059e68d32be2524a76bd7db83a Sha256: 143a981873ee828840e10ed944af31149a0f72a76e7dbaceda6ab67dab5dbfa0
GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 26798 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-68ae" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c98b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 26798 Md5: 4b715beb3b07e6ef7121e75e6eb17841 Sha1: 559f56493de681788e9177bcc93025b67d326cb5 Sha256: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19
GET /landings/rabona/web_components/images/world-cup-prizes/prize_bitcoit_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 2fa83cad0ab5404b29c9736a1e19ce6c529dcd1f2884ed819c8ab73bfa3c97fb 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 188138 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-2deea" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c99b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 188138 Md5: fb32d198244f858d040d39097f390e83 Sha1: da9beb8b020f3c3ae8a6576d6b7e8f9b5c1751e1 Sha256: 2fa83cad0ab5404b29c9736a1e19ce6c529dcd1f2884ed819c8ab73bfa3c97fb
GET /landings/rabona/web_components/images/world-cup-prizes/prize_official-shirts_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 29558 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-7376" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c9ab4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29558 Md5: b334a21c602eab15a2497f6ca0c5814e Sha1: 246f5bd92aac1f6fceaa936da05747348f99a946 Sha256: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_iphone-rabona_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 3ed5e7c864dc2b08549fde9df2f526a3c00b223515083e97843a19c125d63770 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 16698 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-413a" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a2c9eb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 16698 Md5: b78e3a413988d60fd6966556f291857a Sha1: 25bf1c21b48a26e0adc50b4f0c2792d99539e6df Sha256: 3ed5e7c864dc2b08549fde9df2f526a3c00b223515083e97843a19c125d63770
GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 44816 last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: "6357d318-af10" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c96b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 44816 Md5: 56b4cdef4512497f7e54c28ec6a648e6 Sha1: b9acaeb583debe36cd5f5555e4a2bf5bf452c36b Sha256: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce
GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.avif HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/bg/w (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 7bdcd9fc0b5fa6b2e935b64f753544187cf4f36337d2631e5dc28b929728f12a 104.16.151.45 HTTP/2 200 OK content-type: application/octet-stream date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 382139 last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: "6357d318-5d4bb" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a2ca0b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, AVIF Image\012- data Size: 382139 Md5: 2b3c4044f4585347634b3ae11e03e6d4 Sha1: 8fdb7ea564e06de5353352514d8d694f36d270d8 Sha256: 7bdcd9fc0b5fa6b2e935b64f753544187cf4f36337d2631e5dc28b929728f12a
GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-main-banner.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 323484 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=371796 content-disposition: inline; filename="decor_under-main-banner.webp" etag: "6357d318-5ac54" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703837 accept-ranges: bytes server: cloudflare cf-ray: 7703d75d08a4b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 323484 Md5: bfebd07818ed68b63c66825c7467a5f5 Sha1: 6bba5424e27e69358f09b987f5b6852a293a9589 Sha256: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947
GET /no/api/v2/page/item/rbnwc-info-page-tournament HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 0067ded95f40bd5f8fd7648395f1253eb064a7396d7c82ce9ea87780e89449df 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-981b622b-3185-41fb-80d1-2883b2df9df1 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:50:20 GMT cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b4c10b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , Unicode text, UTF-8 text, with very long lines (10867), with no line terminators Size: 152993 Md5: c53f51b0ee2b9749f3368fbb171e232f Sha1: 89675c9f22b392ee096edfe8389e05a9b23b0a4b Sha256: 0067ded95f40bd5f8fd7648395f1253eb064a7396d7c82ce9ea87780e89449df
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-768.mp4?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f 104.16.151.45 HTTP/2 206 Partial Content content-type: video/mp4 date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 864243 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-d2ff3" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-864242/864243 server: cloudflare cf-ray: 7703d75dc9bdb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 864243 Md5: b39ebad3480f40d75720ddca7251fe89 Sha1: eae540c150999d46470d61f1c5927387b640383e Sha256: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.mp4?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: e5aaa106fc828edbc01a521863194522d43ef744a8769827b005df4904bd3d0c 104.16.151.45 HTTP/2 206 Partial Content content-type: video/mp4 date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 608540 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-9491c" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-608539/608540 server: cloudflare cf-ray: 7703d75dc9c9b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 608540 Md5: f246b917c1518b3675002ef5517f7e46 Sha1: 32998b34ba8333305713fe3a2cd4dd585b63b6d0 Sha256: e5aaa106fc828edbc01a521863194522d43ef744a8769827b005df4904bd3d0c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /landings/rabona/web_components/steps/world-cup/wcstep_underline_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 2a71b57e97580303aa95b64ee167d4667b67dd2435183baf16f92912e4dd9fc2 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 14:45:10 GMT etag: W/"636bbcf6-a5" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d18c1b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1551253 Md5: 3c60ee68be172ed9dbeb309325c017db Sha1: 9b99256ea1cba30ea57312e69ce343fea2e37bb9 Sha256: 2a71b57e97580303aa95b64ee167d4667b67dd2435183baf16f92912e4dd9fc2
GET /no/api/v2/game-events-feed/feed?category=worldcup&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/game-events-feed/fee (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-9ba55ae3-c7f4-4e6b-992f-ab1943dc0460 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:50:32 GMT cf-cache-status: HIT age: 36 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75a2ab5b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (16980), with no line terminators Size: 2463 Md5: 07db1d5e1a37c7315acd1dc2c2d2dbf3 Sha1: 8001af2e1b482cbd1c01186ffe412235ffa775ec Sha256: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:53:49 GMT expires: Thu, 23 Nov 2023 18:53:49 GMT cache-control: public, max-age=31536000 age: 248842 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 14:07:32 GMT expires: Thu, 23 Nov 2023 14:07:32 GMT cache-control: public, max-age=31536000 age: 266019 last-modified: Wed, 11 May 2022 19:24:45 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size: 15920 Md5: 3a44e06eb954b96aa043227f3534189d Sha1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15700 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:51:51 GMT expires: Thu, 23 Nov 2023 18:51:51 GMT cache-control: public, max-age=31536000 age: 248960 last-modified: Tue, 19 Apr 2022 18:51:55 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data Size: 15700 Md5: 3d7f7413fca69bff4d231ebdc50aaab0 Sha1: cb18e7943b6a8a0e3672d7242197c19a226b92e8 Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 19:34:08 GMT expires: Thu, 23 Nov 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 246423 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /no/api/v2/page/item/rbnwc-info-page-prizes HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-81849977-f553-4a0d-9d29-478effe68c94 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:40:54 GMT cf-cache-status: HIT age: 593 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b5c18b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (5179), with no line terminators Size: 16550 Md5: 22dfe7d55f1caf69f2d48bb5f7031cae Sha1: df7b3daf19aeb57a1b695c7b93ae4a72847808b8 Sha256: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15660 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 22 Nov 2022 22:17:43 GMT expires: Wed, 22 Nov 2023 22:17:43 GMT cache-control: public, max-age=31536000 age: 323008 last-modified: Tue, 19 Apr 2022 18:42:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data Size: 15660 Md5: d7b0b953a50fddaa88089b5b787cf719 Sha1: 2f85bc568b27659a3d6452f58f9fd7678450326d Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-1_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 3aba8fdddfdd114048b94630241de62d73dbdda138f6cecccf08f638d8ba8349 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-451" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d18c5b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1005 Md5: b18c8e0c42776725502d54b1df4a7ec6 Sha1: f89e89840ca20ea083c3f2846809afbb7ddab9ea Sha256: 3aba8fdddfdd114048b94630241de62d73dbdda138f6cecccf08f638d8ba8349
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9011 x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLUfPHzAoAMF4ow= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: BhDa2CHAFtN7I8edeVOkRMzIRzmRPgHHnk1W_W5oZnRjaFN2vqze2g== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:48:49 GMT age: 65542 etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9011 Md5: d30923b7d20eeb37527255c3ee1da34f Sha1: bed54bd4f659fbf29834b262e9179df7e7bc56a6 Sha256: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9049 x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVGHzKoAMFSuA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:43:36 GMT age: 65855 etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9049 Md5: c8dc4b8a7e9f7f4f84f0da568b43392b Sha1: 3d32bff85cb7ec118c4496d0c3802829fdc9af3b Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15818 x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLXrUF3bIAMF8CA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:33:09 GMT etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8" age: 62882 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15818 Md5: 17ebe470d040a6ea8c57e9b9d4f4e828 Sha1: 1ac7a410cd4f3709f476c776dd5646dd982dcfa8 Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /landings/rabona/preloader.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: joxi.imgsrcdata.com/landings/rabona/preloader.svg FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Fri, 11 Mar 2022 15:53:11 GMT etag: W/"622b7067-1013" access-control-allow-origin: * cf-cache-status: HIT age: 957077 vary: Accept-Encoding server: cloudflare cf-ray: 7703d758caffb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10881 Md5: 2753376a8ae9eec160e6279dd45b6275 Sha1: 5f7c2ac117c5ab0295c6d95f2a3f05f09b00751a Sha256: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3502 x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYUHO5IAMFqDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 07:13:26 GMT age: 31665 etag: "61f9bed607e81606be78285596acdc5e0e4f4994" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3502 Md5: a783df85f30f9c555f9df6b99f61744d Sha1: 61f9bed607e81606be78285596acdc5e0e4f4994 Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 05:04:28 GMT age: 39403 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 46b3bb54d40a80df33a8e98a7f3308619d8ef4753a56ce1bace9a2ca115921f4 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 755529 last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: "636bae77-b8749" access-control-allow-origin: * cf-cache-status: HIT age: 593129 content-range: bytes 0-755528/755529 server: cloudflare cf-ray: 7703d760ad12b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 755529 Md5: 1128fbc6daaae24fe30316a6ca11bf77 Sha1: 99cc50e9b5dbee694b8f5eb172824300221fa221 Sha256: 46b3bb54d40a80df33a8e98a7f3308619d8ef4753a56ce1bace9a2ca115921f4
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-a5f" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d694ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2911420 Md5: 7ef379a79affdbc5fbc3e7c0063b25ee Sha1: 9d21af4712fc475d38c0df4a5a80e045af574efd Sha256: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-1280.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 262619667c85f999279f6c5ed815fbae640f70ee9092b89360f1e0cf8e22aa01 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 1651357 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-19329d" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-1651356/1651357 server: cloudflare cf-ray: 7703d7609cf0b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 1651357 Md5: 5460627cbccc6ed993a0de5ef799d4b9 Sha1: 385e50136075f6bede3b784d4c6afce95fabf1d6 Sha256: 262619667c85f999279f6c5ed815fbae640f70ee9092b89360f1e0cf8e22aa01
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-2560-1920.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 2235588 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-221cc4" access-control-allow-origin: * cf-cache-status: HIT age: 593129 content-range: bytes 0-2235587/2235588 server: cloudflare cf-ray: 7703d7609ce7b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 2235588 Md5: c66dc4b10e91273f6ed1eab4a4c4f8ed Sha1: e95de947d878f94fc6e822e12fb2de60cf4109aa Sha256: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /dimg/team/1643980747480_senegal.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1643980747480_senegal.png FQDN: rabona.com IP: 45.8.106.46 HASH: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 3432 cf-bgj: imgq:85,h2pri cf-polished: status=not_needed content-security-policy: block-all-mixed-content etag: "9ba943420d8e4526171502f6a18fdf33" last-modified: Fri, 04 Feb 2022 13:19:07 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF1D361AA x-conv-cache-status: HIT x-front-cache-status: HIT x-xss-protection: 1; mode=block cf-cache-status: HIT age: 1387627 accept-ranges: bytes server: cloudflare cf-ray: 7703d762ec8cb527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data Size: 3432 Md5: 9ba943420d8e4526171502f6a18fdf33 Sha1: 22b45e3a20c8fd228d38ccd92d7cb1075f34e559 Sha256: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4048 Cache-Control: max-age=110969 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:50:41 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F6FD) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1950 Cache-Control: max-age=108870 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:15:42 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /dimg/team/1667224821895_1280pxflagofghana.svg.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1667224821895_1280pxflagofghana.svg.png FQDN: rabona.com IP: 45.8.106.46 HASH: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 5700 cf-bgj: imgq:85,h2pri cf-polished: origSize=5830, status=vary_header_present content-security-policy: block-all-mixed-content etag: "01eef8c9bf62a95eead0b44f96c9eb04" last-modified: Mon, 31 Oct 2022 14:00:21 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17259EEFDB5DE05D x-conv-cache-status: HIT x-front-cache-status: MISS x-xss-protection: 1; mode=block cf-cache-status: HIT age: 1063281 accept-ranges: bytes server: cloudflare cf-ray: 7703d762ec83b527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1280 x 853, 8-bit colormap, non-interlaced\012- data Size: 5700 Md5: b90ee45164d3c59611c10b99fedfa049 Sha1: d9c7f2841aa2b12b2bc8056d7c0a2a0ad475953c Sha256: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953
GET /dimg/team/1669401279135_flagoftunisia.svg.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1669401279135_flagoftunisia.svg.png FQDN: rabona.com IP: 45.8.106.46 HASH: cf5dbfc0fee120aeca579e1c52158d980899aacb3016d5d8aa892cd6cabad2e8 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 61818 cf-bgj: imgq:85,h2pri cf-polished: origSize=62053, status=vary_header_present content-security-policy: block-all-mixed-content etag: "fff80b663b71b53a88f114d1ea46807b" last-modified: Fri, 25 Nov 2022 18:34:39 GMT vary: Origin, Accept-Encoding x-amz-request-id: 172AEFFC8709A317 x-conv-cache-status: HIT x-front-cache-status: HIT x-xss-protection: 1; mode=block cf-cache-status: HIT age: 67790 accept-ranges: bytes server: cloudflare cf-ray: 7703d762fc9bb527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data Size: 61818 Md5: daf66d5070c570b200260ff1db911b26 Sha1: a8a8eb9e0d6287216290d2c1b2f14abb9a394694 Sha256: cf5dbfc0fee120aeca579e1c52158d980899aacb3016d5d8aa892cd6cabad2e8
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3364 Cache-Control: max-age=110285 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:39:17 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /no/api/v2/lang/translation HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/lang/translation FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-0914c785-8d4b-440a-bab3-15fbf61c1b44 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 16:00:21 GMT cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75a2aadb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/netherlands.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/netherlands.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"e53fc83f569b904b5b883c87a37b5607" last-modified: Mon, 23 Aug 2021 17:59:40 GMT vary: Origin, Accept-Encoding x-amz-request-id: 170135A072BE1B5F x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1387627 server: cloudflare cf-ray: 7703d762fc8db527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_visa.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-e95" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d762f884b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_postepay.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-26b7" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763f9b8b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611070661_por.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611070661_por.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"3e907ae18a94e609e4b57f70ece34f35" last-modified: Wed, 16 Nov 2022 15:04:30 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3010817B x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec80b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611167363_cmrn.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611167363_cmrn.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b7131391313c2a47343e321a396366b6" last-modified: Wed, 16 Nov 2022 15:06:07 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30E4A5FB x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7cb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611699912_mo.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611699912_mo.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"41cae12f02c3c035a6e40bdd2bfbb5bf" last-modified: Wed, 16 Nov 2022 15:14:59 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D2F79346E x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cb2b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_banktransfer.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-2efc" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a14b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_litecoin.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-c3c" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7644a20b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/page/item/rbnwc-info-page-promo HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-c566f214-6208-444a-8174-85e418fcfe2b x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 16:01:01 GMT cf-cache-status: HIT age: 9 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b5c16b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: W/"636bae72-f1a" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d896ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_cartasi.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-2466" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763089bb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_ecopayz.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-1771" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76419ddb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611337887_bel.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611337887_bel.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"a8e60e6d6ba2b86740fd5e9a8d5b2bd9" last-modified: Wed, 16 Nov 2022 15:08:57 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3008C185 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e1bb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_interac.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Wed, 06 Jul 2022 14:21:26 GMT etag: W/"62c59a66-32bc" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763f9bbb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611759307_mx.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611759307_mx.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"78a506ed9f0592c91389bc71e183eb81" last-modified: Wed, 16 Nov 2022 15:15:59 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496AE07C1C x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e19b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47 (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: text/html date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: MISS expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7552c24b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611673222_cr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611673222_cr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"d70b83d15bec9f4ee6e32f5a16c23320" last-modified: Wed, 16 Nov 2022 15:14:33 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30A0BE75 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/icon/list?category=landing-licenses&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/icon/list?category=l (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-1d5b1a56-da1f-41cf-93f3-eaadaf755d72 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:43:25 GMT cf-cache-status: HIT age: 461 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b7c33b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611119507_uy.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611119507_uy.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"8009c4f010b949c65e70b06b2989c09e" last-modified: Wed, 16 Nov 2022 15:05:19 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3377B439 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec81b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611711325_au.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611711325_au.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"1a50ab86dddf696e092e652181571d7e" last-modified: Wed, 16 Nov 2022 15:15:11 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30EE96FA x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630ca6b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611815388_dk.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611815388_dk.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"2c078b26e453e344b02d028fcbd4a629" last-modified: Wed, 16 Nov 2022 15:16:55 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3071F2F5 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630ca8b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611653436_de.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611653436_de.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b5aa958e4ae9e8029a1e03c19514f5bf" last-modified: Wed, 16 Nov 2022 15:14:13 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D32F8C98D x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e1cb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_ethereum.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-14ee" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a17b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668601370505_arg.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668601370505_arg.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"65b662ea0607d3781ba130ca56463d51" last-modified: Wed, 16 Nov 2022 12:22:50 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1728169B1F6F2740 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 867380 server: cloudflare cf-ray: 7703d762ec77b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-f1c" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d8971b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668613878666_cr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668613878666_cr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"3eea5c265f7628a6b13c509adf4a1fa1" last-modified: Wed, 16 Nov 2022 15:51:18 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D331F67DD x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec8ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_mastercard.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-1b34" access-control-allow-origin: * cf-cache-status: HIT age: 847995 vary: Accept-Encoding server: cloudflare cf-ray: 7703d762f88ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668610639901_us.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668610639901_us.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"f9dcba64e77b89ca58c716938ffc16a1" last-modified: Wed, 16 Nov 2022 14:57:19 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30EA38F7 x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762fc9ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_jeton.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Thu, 02 Dec 2021 12:30:12 GMT etag: W/"61a8bc54-154d" access-control-allow-origin: * cf-cache-status: HIT age: 847995 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7646a5cb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611012743_rs.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611012743_rs.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b0d2957d29d1bd475b5c28aa5680d14b" last-modified: Wed, 16 Nov 2022 15:03:32 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3023C03B x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7db527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-a61" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d694bb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611881437_jp.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611881437_jp.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"07f5419b045afa9c776cf8431469c972" last-modified: Wed, 16 Nov 2022 15:18:01 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30F42CCD x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec89b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/wales.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/wales.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"d2c365be887ee592c10229e3cef43eff" last-modified: Mon, 23 Aug 2021 17:59:40 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701232DEA64AFEF x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1063281 server: cloudflare cf-ray: 7703d762fc92b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_mifinity.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-2163" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7644a26b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611744819_pl.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611744819_pl.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"4beb1bf287261c3d403f083895eb2436" last-modified: Wed, 16 Nov 2022 15:15:44 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496E147CAF x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cafb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611031408_br.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611031408_br.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"cec2e1e57c4c996b857c65bef3df0b6a" last-modified: Wed, 16 Nov 2022 15:03:51 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30208D22 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Roboto+Condensed:400,400i,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto+Condensed:400,40 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 16:01:10 GMT date: Sat, 26 Nov 2022 16:01:10 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/icon/list?category=footer-payments&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/icon/list?category=f (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-d9f87325-cde0-4732-ab2d-b02eb5a6e266 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:40:55 GMT cf-cache-status: HIT age: 593 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b6c2fb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611102820_kr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611102820_kr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"151ff3dff78959bdf5d319d1ccce20f5" last-modified: Wed, 16 Nov 2022 15:05:02 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30F6F337 x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec82b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /favicon.ico HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/favicon.ico FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: image/x-icon date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Thu, 10 Nov 2022 10:46:09 GMT etag: W/"636cd671-3a6" cf-cache-status: HIT age: 512 expires: Sat, 26 Nov 2022 20:01:11 GMT cache-control: public, max-age=14400 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76059adb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/france.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/france.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"2f9befe94ef9076d58b0a2ae38e1a025" last-modified: Mon, 23 Aug 2021 17:59:39 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17011B8BDC34D822 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 933280 server: cloudflare cf-ray: 7703d762fc9eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611849022_sa.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611849022_sa.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"edd99f9074e52aaa9e704672d6a38a54" last-modified: Wed, 16 Nov 2022 15:17:29 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496A7F063B x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cb0b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_neosurf.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-db1" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76429f9b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Roboto:wght@400;500;70 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 16:01:10 GMT date: Sat, 26 Nov 2022 16:01:10 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1653981614751_flagofqatar-1.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1653981614751_flagofqatar-1.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"5bb5a068449de059e23908479a70ef42" last-modified: Tue, 31 May 2022 07:20:14 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF15CB85F x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 938485 server: cloudflare cf-ray: 7703d762fc8eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1653981171283_1280pxflagofiran-1.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1653981171283_1280pxflagofiran-1.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"4d4609d3ab43f2c54c689a5937df05e2" last-modified: Tue, 31 May 2022 07:12:51 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF17555A5 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1063281 server: cloudflare cf-ray: 7703d762fc97b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1633594561146_ecuador2.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1633594561146_ecuador2.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"94317befb597bfc7cbe5a664dbe34afd" last-modified: Thu, 07 Oct 2021 08:16:01 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1700F12C6910986D x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 1387627 server: cloudflare cf-ray: 7703d762ec8bb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668613854808_eng.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668613854808_eng.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"88faab9969508f016f86cbbc328dbce7" last-modified: Wed, 16 Nov 2022 15:50:54 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D303758E3 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762fc96b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_neteller.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-af8" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a10b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_bitcoin.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Wed, 16 Jun 2021 09:33:13 GMT etag: W/"60c9c559-2085" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a15b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /ph/spin/globe/ HTTP/1.1 

                                        
                                            
Host: telefonica.site

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         79.98.24.35

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:08 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Connection: Upgrade, Keep-Alive 

                                        
                                            
Location: //whampamp.com/4/5087048?var=ed2 

                                        
                                            
Keep-Alive: timeout=2, max=100 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3654 

                                        
                                            
Cache-Control: max-age=156653 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
Etag: "6381eaec-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 11:32:02 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT 

                                        
                                            
Server: ECS (ska/F70F) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    15b59d5e62caedb4bec3ba6724906c1e

                                                Sha1:   960f801e608a56fdd11449f4face29f62cad2b21

                                                Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 15:17:32 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2617 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    d130218d0e2841f39c99610fe1a2ab90

                                                Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945

                                                Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5914 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:39:43 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    94d86bd8aa3fb64d5ef4ba39b2093f46

                                                Sha1:   f6f8b969e6d14af88dcd584c72ad52d904d459e9

                                                Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e

                                        
                                            GET /img.gif?f=merge&userId=2be49b473d934e2ca2331e348e2f5bc3 HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://whampamp.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
content-length: 43 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: ID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; secure; SameSite=None 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    b4491705564909da7f9eaf749dbbfbb1

                                                Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8

                                                Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

                                        
                                            GET /26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 HTTP/1.1 

                                        
                                            
Host: voices-kerence.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         18.193.209.105

                                        
                                            HTTP/2 302 Found

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
cache-control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:00 GMT 

                                        
                                            
location: https://rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: 26df10eb-34ec-4879-9dd6-7903ddd1b3d9-v4=Z0SIQTFWaBohKVuzUYwRdMylwkiUyYMBGkafDc739WM; Max-Age=86400; Expires=Sun, 27-Nov-2022 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=1SyTkkDVtvYWB0xa5fI%2FHjgByJVvfzYZtKifrV5Ffe0nF2SFM3G1TvUErv6%2FhAXTRDT8zU57vj9AecfMgT7hRAyTlqu6Ez8X54Tg1%2BQxXsZ3y2DLMe19%2FwUzqjcpFrhRsZVV71%2FM121f2KKdki8Kdg%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2779 

                                        
                                            
Cache-Control: max-age=150721 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
Etag: "6381d72b-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 09:53:10 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F70F) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    d3df71aab146eefc49acb608796aab63

                                                Sha1:   8401892995193919376dfcd798b09c8261579454

                                                Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5872 

                                        
                                            
Cache-Control: max-age=88669 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:09 GMT 

                                        
                                            
Etag: "6380d8b2-116" 

                                        
                                            
Expires: Sun, 27 Nov 2022 16:38:58 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 15:01:06 GMT 

                                        
                                            
Server: ECS (ska/F70F) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    b6814ea835552da5e0cbca50d3caadef

                                                Sha1:   0a489f669694c5e3912a244cf8d491cef7d4a997

                                                Sha256: fd29e72dee9ebcacd25e134c4f1c2802ec7c947b827165fc29a6c0918e0ad3a6

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: C6Lf1lHjjCLE6uqpryWlNQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.89.217.163

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: SwYPX8A1YKsvjcBTBQQuFj1l/+Q= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /app.1669191633059.js HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
cf-bgj: minify 

                                        
                                            
etag: W/"637dd7ff-d07c" 

                                        
                                            
last-modified: Wed, 23 Nov 2022 08:21:19 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 11 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7562d63b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (53372), with no line terminators

                                                Size:   12945

                                                Md5:    941d8618300f1675eef76913e2239e83

                                                Sha1:   fceb07ed63651200a717b35f8bbd9d368a9f5f66

                                                Sha256: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893

                                        
                                            GET /492.1669191633059.js HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
cf-bgj: minify 

                                        
                                            
etag: W/"637dd7ff-37ac" 

                                        
                                            
last-modified: Wed, 23 Nov 2022 08:21:19 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 11 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7562d4eb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (14252), with no line terminators

                                                Size:   5249

                                                Md5:    5c36e7e78a56d7908b8d5fbe696753e4

                                                Sha1:   9b046db3f1adbd789c60886ab0c699b239821b8c

                                                Sha256: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7

                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.png HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
content-length: 24224 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: origFmt=png, origSize=26094 

                                        
                                            
content-disposition: inline; filename="prize_holidays_2x.webp" 

                                        
                                            
etag: "6357d318-65ee" 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:16 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 699084 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7595bbeb4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image\012- data

                                                Size:   24224

                                                Md5:    208c02c90f77e71efcb51f01ded20311

                                                Sha1:   93e27e93b19fc20415294b4e91c6a6969833a3f7

                                                Sha256: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94

                                        
                                            GET /sprite.1669191633059.css HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
cf-bgj: minify 

                                        
                                            
cf-polished: origSize=5063 

                                        
                                            
etag: W/"637dd7ff-13c7" 

                                        
                                            
last-modified: Wed, 23 Nov 2022 08:21:19 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 49 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7563d67b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (5055), with no line terminators

                                                Size:   17797

                                                Md5:    c01f6cca26faabaee983e374feb11a60

                                                Sha1:   658004d57306f2e77b37593dbcfcc081dd58cf1d

                                                Sha256: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a

                                        
                                            GET /landings/rabona/web_components/decor/world-cup-landing/decor_shape-under-prizes.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:16 GMT 

                                        
                                            
etag: W/"6357d318-412" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703836 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7594bb2b4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   29464

                                                Md5:    64bdb9cd99d14d35c3bee7672d4a1c78

                                                Sha1:   d0b9b1e43203a5f7ceabb2e37eaec5b92e6f7e29

                                                Sha256: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209

                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.webp HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
content-length: 26798 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:21 GMT 

                                        
                                            
etag: "6357d31d-68ae" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703836 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75a1c98b4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image\012- data

                                                Size:   26798

                                                Md5:    4b715beb3b07e6ef7121e75e6eb17841

                                                Sha1:   559f56493de681788e9177bcc93025b67d326cb5

                                                Sha256: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19

                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_official-shirts_2x.webp HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
content-length: 29558 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:21 GMT 

                                        
                                            
etag: "6357d31d-7376" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703836 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75a1c9ab4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image\012- data

                                                Size:   29558

                                                Md5:    b334a21c602eab15a2497f6ca0c5814e

                                                Sha1:   246f5bd92aac1f6fceaa936da05747348f99a946

                                                Sha256: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7

                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.webp HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
content-length: 44816 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:16 GMT 

                                        
                                            
etag: "6357d318-af10" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703836 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75a1c96b4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image\012- data

                                                Size:   44816

                                                Md5:    56b4cdef4512497f7e54c28ec6a648e6

                                                Sha1:   b9acaeb583debe36cd5f5555e4a2bf5bf452c36b

                                                Sha256: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce

                                        
                                            GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-main-banner.png HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
content-length: 323484 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: origFmt=png, origSize=371796 

                                        
                                            
content-disposition: inline; filename="decor_under-main-banner.webp" 

                                        
                                            
etag: "6357d318-5ac54" 

                                        
                                            
last-modified: Tue, 25 Oct 2022 12:14:16 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703837 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75d08a4b4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image\012- data

                                                Size:   323484

                                                Md5:    bfebd07818ed68b63c66825c7467a5f5

                                                Sha1:   6bba5424e27e69358f09b987f5b6852a293a9589

                                                Sha256: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947

                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-768.mp4?v=3 HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 206 Partial Content 

                                        
                                            
content-type: video/mp4

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
content-length: 864243 

                                        
                                            
last-modified: Wed, 09 Nov 2022 13:43:14 GMT 

                                        
                                            
etag: "636bae72-d2ff3" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703837 

                                        
                                            
content-range: bytes 0-864242/864243 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75dc9bdb4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data

                                                Size:   864243

                                                Md5:    b39ebad3480f40d75720ddca7251fe89

                                                Sha1:   eae540c150999d46470d61f1c5927387b640383e

                                                Sha256: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b05606331c6f88a724d9e404e62974e4

                                                Sha1:   72176bc6b618fbbe567b5746ed54e14d381a9815

                                                Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

                                        
                                            GET /no/api/v2/game-events-feed/feed?category=worldcup&count=100 HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/plain, */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-expose-headers: X-Device-Type,X-Device-Name 

                                        
                                            
request-id: feapi-9ba55ae3-c7f4-4e6b-992f-ab1943dc0460 

                                        
                                            
x-device-name: Other 

                                        
                                            
x-device-type: desktop 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
last-modified: Sat, 26 Nov 2022 15:50:32 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 36 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75a2ab5b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (16980), with no line terminators

                                                Size:   2463

                                                Md5:    07db1d5e1a37c7315acd1dc2c2d2dbf3

                                                Sha1:   8001af2e1b482cbd1c01186ffe412235ffa775ec

                                                Sha256: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b05606331c6f88a724d9e404e62974e4

                                                Sha1:   72176bc6b618fbbe567b5746ed54e14d381a9815

                                                Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://rbnwc.lpmediastorage.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15920 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 23 Nov 2022 14:07:32 GMT 

                                        
                                            
expires: Thu, 23 Nov 2023 14:07:32 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 266019 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:45 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data

                                                Size:   15920

                                                Md5:    3a44e06eb954b96aa043227f3534189d

                                                Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d

                                                Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b05606331c6f88a724d9e404e62974e4

                                                Sha1:   72176bc6b618fbbe567b5746ed54e14d381a9815

                                                Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

                                        
                                            GET /no/api/v2/page/item/rbnwc-info-page-prizes HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/plain, */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-expose-headers: X-Device-Type,X-Device-Name 

                                        
                                            
request-id: feapi-81849977-f553-4a0d-9d29-478effe68c94 

                                        
                                            
x-device-name: Other 

                                        
                                            
x-device-type: desktop 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
last-modified: Sat, 26 Nov 2022 15:40:54 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 593 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75b5c18b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (5179), with no line terminators

                                                Size:   16550

                                                Md5:    22dfe7d55f1caf69f2d48bb5f7031cae

                                                Sha1:   df7b3daf19aeb57a1b695c7b93ae4a72847808b8

                                                Sha256: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b05606331c6f88a724d9e404e62974e4

                                                Sha1:   72176bc6b618fbbe567b5746ed54e14d381a9815

                                                Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6783 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:54:14 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6783 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:54:14 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9049 

                                        
                                            
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cLVVGHzKoAMFSuA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg== 

                                        
                                            
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 21:43:36 GMT 

                                        
                                            
age: 65855 

                                        
                                            
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9049

                                                Md5:    c8dc4b8a7e9f7f4f84f0da568b43392b

                                                Sha1:   3d32bff85cb7ec118c4496d0c3802829fdc9af3b

                                                Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

                                        
                                            GET /landings/rabona/preloader.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
last-modified: Fri, 11 Mar 2022 15:53:11 GMT 

                                        
                                            
etag: W/"622b7067-1013" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957077 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d758caffb4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   10881

                                                Md5:    2753376a8ae9eec160e6279dd45b6275

                                                Sha1:   5f7c2ac117c5ab0295c6d95f2a3f05f09b00751a

                                                Sha256: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4309 

                                        
                                            
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: b1U8xGxgIAMF-qQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 05:04:28 GMT 

                                        
                                            
age: 39403 

                                        
                                            
etag: "126771b86638108050cf57c0d12faa27f80f0edb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4309

                                                Md5:    841a4b110022a99ddea6f7bf66df0fa1

                                                Sha1:   126771b86638108050cf57c0d12faa27f80f0edb

                                                Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_default.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
last-modified: Wed, 09 Nov 2022 13:43:19 GMT 

                                        
                                            
etag: W/"636bae77-a5f" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703837 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75d694ab4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   2911420

                                                Md5:    7ef379a79affdbc5fbc3e7c0063b25ee

                                                Sha1:   9d21af4712fc475d38c0df4a5a80e045af574efd

                                                Sha256: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3

                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-2560-1920.webm?v=3 HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 206 Partial Content 

                                        
                                            
content-type: video/webm

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
content-length: 2235588 

                                        
                                            
last-modified: Wed, 09 Nov 2022 13:43:14 GMT 

                                        
                                            
etag: "636bae72-221cc4" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 593129 

                                        
                                            
content-range: bytes 0-2235587/2235588 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7609ce7b4f3-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  WebM\012- EBML file, creator webmB\20\012- data

                                                Size:   2235588

                                                Md5:    c66dc4b10e91273f6ed1eab4a4c4f8ed

                                                Sha1:   e95de947d878f94fc6e822e12fb2de60cf4109aa

                                                Sha256: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89

                                        
                                            GET /dimg/team/1643980747480_senegal.png HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-length: 3432 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: status=not_needed 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: "9ba943420d8e4526171502f6a18fdf33" 

                                        
                                            
last-modified: Fri, 04 Feb 2022 13:19:07 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 1701B83DF1D361AA 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 1387627 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec8cb527-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data

                                                Size:   3432

                                                Md5:    9ba943420d8e4526171502f6a18fdf33

                                                Sha1:   22b45e3a20c8fd228d38ccd92d7cb1075f34e559

                                                Sha256: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4048 

                                        
                                            
Cache-Control: max-age=110969 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
Etag: "638136f1-118" 

                                        
                                            
Expires: Sun, 27 Nov 2022 22:50:41 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT 

                                        
                                            
Server: ECS (ska/F6FD) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    45d3829581c890b944f2c7e10e56d881

                                                Sha1:   c330786685c2871172d201b734b6684becc19906

                                                Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a

                                        
                                            GET /dimg/team/1667224821895_1280pxflagofghana.svg.png HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-length: 5700 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: origSize=5830, status=vary_header_present 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: "01eef8c9bf62a95eead0b44f96c9eb04" 

                                        
                                            
last-modified: Mon, 31 Oct 2022 14:00:21 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17259EEFDB5DE05D 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: MISS 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 1063281 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec83b527-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1280 x 853, 8-bit colormap, non-interlaced\012- data

                                                Size:   5700

                                                Md5:    b90ee45164d3c59611c10b99fedfa049

                                                Sha1:   d9c7f2841aa2b12b2bc8056d7c0a2a0ad475953c

                                                Sha256: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3364 

                                        
                                            
Cache-Control: max-age=110285 

                                        
                                            
Date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
Etag: "638136f1-118" 

                                        
                                            
Expires: Sun, 27 Nov 2022 22:39:17 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT 

                                        
                                            
Server: ECS (ska/F713) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    45d3829581c890b944f2c7e10e56d881

                                                Sha1:   c330786685c2871172d201b734b6684becc19906

                                                Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a

                                        
                                            GET /no/api/v2/lang/translation HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/plain, */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-expose-headers: X-Device-Type,X-Device-Name 

                                        
                                            
request-id: feapi-0914c785-8d4b-440a-bab3-15fbf61c1b44 

                                        
                                            
x-device-name: Other 

                                        
                                            
x-device-type: desktop 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
last-modified: Sat, 26 Nov 2022 16:00:21 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 49 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75a2aadb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_visa.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Tue, 26 Jan 2021 14:54:11 GMT 

                                        
                                            
etag: W/"60102d13-e95" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762f884b4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611070661_por.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"3e907ae18a94e609e4b57f70ece34f35" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:04:30 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D3010817B 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: MISS 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec80b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611699912_mo.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"41cae12f02c3c035a6e40bdd2bfbb5bf" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:14:59 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D2F79346E 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7630cb2b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_litecoin.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Tue, 26 Jan 2021 14:54:16 GMT 

                                        
                                            
etag: W/"60102d18-c3c" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7644a20b4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_default.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
last-modified: Wed, 09 Nov 2022 13:43:14 GMT 

                                        
                                            
etag: W/"636bae72-f1a" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 703837 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75d896ab4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_ecopayz.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Tue, 26 Jan 2021 14:54:16 GMT 

                                        
                                            
etag: W/"60102d18-1771" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d76419ddb4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_interac.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Wed, 06 Jul 2022 14:21:26 GMT 

                                        
                                            
etag: W/"62c59a66-32bc" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d763f9bbb4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
last-modified: Wed, 23 Nov 2022 08:21:19 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7552c24b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /no/api/v2/icon/list?category=landing-licenses&count=100 HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/plain, */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-expose-headers: X-Device-Type,X-Device-Name 

                                        
                                            
request-id: feapi-1d5b1a56-da1f-41cf-93f3-eaadaf755d72 

                                        
                                            
x-device-name: Other 

                                        
                                            
x-device-type: desktop 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
last-modified: Sat, 26 Nov 2022 15:43:25 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 461 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75b7c33b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611711325_au.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"1a50ab86dddf696e092e652181571d7e" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:15:11 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D30EE96FA 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7630ca6b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611653436_de.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"b5aa958e4ae9e8029a1e03c19514f5bf" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:14:13 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D32F8C98D 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: MISS 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7643e1cb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668601370505_arg.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"65b662ea0607d3781ba130ca56463d51" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 12:22:50 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 1728169B1F6F2740 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 867380 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec77b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668613878666_cr.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"3eea5c265f7628a6b13c509adf4a1fa1" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:51:18 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D331F67DD 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: MISS 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec8ab527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668610639901_us.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"f9dcba64e77b89ca58c716938ffc16a1" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 14:57:19 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D30EA38F7 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: MISS 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762fc9ab527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611012743_rs.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"b0d2957d29d1bd475b5c28aa5680d14b" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:03:32 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D3023C03B 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: MISS 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec7db527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611881437_jp.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"07f5419b045afa9c776cf8431469c972" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:18:01 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D30F42CCD 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec89b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_mifinity.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Tue, 26 Jan 2021 14:54:11 GMT 

                                        
                                            
etag: W/"60102d13-2163" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7644a26b4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611031408_br.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"cec2e1e57c4c996b857c65bef3df0b6a" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:03:51 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D30208D22 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762ec7eb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /no/api/v2/icon/list?category=footer-payments&count=100 HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/plain, */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-expose-headers: X-Device-Type,X-Device-Name 

                                        
                                            
request-id: feapi-d9f87325-cde0-4732-ab2d-b02eb5a6e266 

                                        
                                            
x-device-name: Other 

                                        
                                            
x-device-type: desktop 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
last-modified: Sat, 26 Nov 2022 15:40:55 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 593 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:10 GMT 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d75b6c2fb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: rbnwc.lpmediastorage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.36.105

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/x-icon

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:11 GMT 

                                        
                                            
last-modified: Thu, 10 Nov 2022 10:46:09 GMT 

                                        
                                            
etag: W/"636cd671-3a6" 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 512 

                                        
                                            
expires: Sat, 26 Nov 2022 20:01:11 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d76059adb527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668611849022_sa.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"edd99f9074e52aaa9e704672d6a38a54" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:17:29 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C496A7F063B 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7630cb0b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
date: Sat, 26 Nov 2022 16:01:10 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1653981171283_1280pxflagofiran-1.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"4d4609d3ab43f2c54c689a5937df05e2" 

                                        
                                            
last-modified: Tue, 31 May 2022 07:12:51 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 1701B83DF17555A5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 1063281 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762fc97b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /dimg/team/1668613854808_eng.svg HTTP/1.1 

                                        
                                            
Host: rabona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         45.8.106.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"88faab9969508f016f86cbbc328dbce7" 

                                        
                                            
last-modified: Wed, 16 Nov 2022 15:50:54 GMT 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 17281C4D303758E3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-conv-cache-status: HIT 

                                        
                                            
x-front-cache-status: MISS 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 862791 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d762fc96b527-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_bitcoin.svg HTTP/1.1 

                                        
                                            
Host: joxi.imgsrcdata.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rbnwc.lpmediastorage.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.16.151.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Sat, 26 Nov 2022 16:01:12 GMT 

                                        
                                            
last-modified: Wed, 16 Jun 2021 09:33:13 GMT 

                                        
                                            
etag: W/"60c9c559-2085" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 957079 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703d7643a15b4f3-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	telefonica.site/ph/spin/globe/
IP	79.98.24.35 (Lithuania)
ASN	#212531 UAB Interneto vizija
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-26 16:01:22 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	3
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /ph/spin/globe/ HTTP/1.1 Host: telefonica.site User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: telefonica.site/ph/spin/globe/ FQDN: telefonica.site IP: 79.98.24.35 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 79.98.24.35 HTTP/1.1 302 Found Content-Type: text/html Date: Sat, 26 Nov 2022 16:01:08 GMT Server: Apache Connection: Upgrade, Keep-Alive Location: //whampamp.com/4/5087048?var=ed2 Keep-Alive: timeout=2, max=100 Transfer-Encoding: chunked --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3969 Expires: Sat, 26 Nov 2022 17:07:18 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3654 Cache-Control: max-age=156653 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 11:32:02 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13966 Expires: Sat, 26 Nov 2022 19:53:55 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 15:17:32 GMT cache-control: public,max-age=3600 age: 2617 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: YCFzlBdPi2tzWkDcl/iDjiXxU+0KlNVShGa2L6/Mc7mYNhTjHb7SaLwRC7idHe82sIW7keLlb9w= x-amz-request-id: H2AD2N7Q4R1MSE4G content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 15:44:17 GMT age: 1012 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /4/5087048?var=ed2 HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: whampamp.com/4/5087048?var=ed2 FQDN: whampamp.com IP: 139.45.197.236 HASH: 4677fe602c2c5e5e9082b82753f43d34c553b5edc083439f44e69e1521b04649 139.45.197.236 HTTP/1.1 200 OK Content-Type: text/html; charset=utf8 Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: f91a99e94bac4d519d31f285cf7c8331 Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Timing-Allow-Origin: * Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT Pragma: no-cache, no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT Access-Control-Allow-Origin: , Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406) Size: 2954 Md5: 21c43bc930326f775e89bdc25c2cbe7d Sha1: 6650d4627e69070b7b0fb37482465ac378628ca3 Sha256: 4677fe602c2c5e5e9082b82753f43d34c553b5edc083439f44e69e1521b04649 Alerts: Blocklists: - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5914 Expires: Sat, 26 Nov 2022 17:39:43 GMT Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /favicon.ico HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://whampamp.com/4/5087048?var=ed2 Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469	URL: whampamp.com/favicon.ico FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 204 No Content Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Connection: keep-alive Expires: Thu, 31 Dec 2037 23:55:55 GMT Pragma: public Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /img.gif?f=merge&userId=2be49b473d934e2ca2331e348e2f5bc3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://whampamp.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=merge&userId=2be49b473d934e2ca2 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 462 Origin: http://whampamp.com Connection: keep-alive Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469 Upgrade-Insecure-Requests: 1	URL: whampamp.com/?z=5087048&syncedCookie=true&rhd=false FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 302 Found Server: nginx Date: Sat, 26 Nov 2022 16:01:09 GMT Content-Length: 0 Connection: keep-alive X-Trace-Id: f8c99511d87f8a97f84bb364f8282133 Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" Referrer-Policy: no-referrer Location: https://voices-kerence.com/26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 Access-Control-Allow-Origin: http://whampamp.com Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=true; expires=Sat, 03 Dec 2022 16:01:09 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 HTTP/1.1 Host: voices-kerence.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: voices-kerence.com/26df10eb-34ec-4879-9dd6-7903ddd1b3d9 (...) FQDN: voices-kerence.com IP: 18.193.209.105 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.193.209.105 HTTP/2 302 Found server: nginx date: Sat, 26 Nov 2022 16:01:09 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek pragma: no-cache set-cookie: 26df10eb-34ec-4879-9dd6-7903ddd1b3d9-v4=Z0SIQTFWaBohKVuzUYwRdMylwkiUyYMBGkafDc739WM; Max-Age=86400; Expires=Sun, 27-Nov-2022 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=1SyTkkDVtvYWB0xa5fI%2FHjgByJVvfzYZtKifrV5Ffe0nF2SFM3G1TvUErv6%2FhAXTRDT8zU57vj9AecfMgT7hRAyTlqu6Ez8X54Tg1%2BQxXsZ3y2DLMe19%2FwUzqjcpFrhRsZVV71%2FM121f2KKdki8Kdg%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 15:08:54 GMT cache-control: public,max-age=3600 age: 3135 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2779 Cache-Control: max-age=150721 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 09:53:10 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
GET /redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek HTTP/1.1 Host: rbn-bc-7s.lptrak.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=168 (...) FQDN: rbn-bc-7s.lptrak.com IP: 23.36.79.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.36.79.43 HTTP/2 307 Temporary Redirect content-type: text/html content-length: 0 location: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies" x-aspnet-version: 4.0.30319 request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0 access-control-expose-headers: Request-Context expires: Sat, 26 Nov 2022 16:01:09 GMT cache-control: max-age=0, no-cache, no-store pragma: no-cache date: Sat, 26 Nov 2022 16:01:09 GMT set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1360468%2c%22BID%22%3a9057%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669478469869)%5c%2f%22%2c%22CookieTag%22%3a%2290571360468451240919C20221126161%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22546355988%7c1%22%7d%5d; domain=.lptrak.com; expires=Mon, 26-Nov-3021 16:01:09 GMT; path=/; secure; SameSite=Strict server-timing: edge; dur=1, origin; dur=67, cdn-cache; desc=MISS X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fd29e72dee9ebcacd25e134c4f1c2802ec7c947b827165fc29a6c0918e0ad3a6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5872 Cache-Control: max-age=88669 Date: Sat, 26 Nov 2022 16:01:09 GMT Etag: "6380d8b2-116" Expires: Sun, 27 Nov 2022 16:38:58 GMT Last-Modified: Fri, 25 Nov 2022 15:01:06 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: b6814ea835552da5e0cbca50d3caadef Sha1: 0a489f669694c5e3912a244cf8d491cef7d4a997 Sha256: fd29e72dee9ebcacd25e134c4f1c2802ec7c947b827165fc29a6c0918e0ad3a6
GET /lang.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/lang.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 4d904aa1225bc7f740fae13ef7b08d577a081eecf5b1619e96e91234bbfeea54 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-bb6" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d56b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2998), with no line terminators Size: 2035 Md5: a938bd4c1d665f7c53c4f92e6f5d6c36 Sha1: 53e5fb03642b6df7d16ddb3ab1cea67aa01ab3d1 Sha256: 4d904aa1225bc7f740fae13ef7b08d577a081eecf5b1619e96e91234bbfeea54
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: C6Lf1lHjjCLE6uqpryWlNQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.89.217.163 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.89.217.163 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: SwYPX8A1YKsvjcBTBQQuFj1l/+Q= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /942.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/942.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: bf83690f77e26ddbe0fac7bd4de5dee044f3df51067050ad0cea6fe6ca907cd6 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=424564 etag: W/"637dd7ff-67a74" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d60b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 139162 Md5: 4ffc71a18fb31896e715b05afdb38363 Sha1: 51bc8a91972df725c94dcf4b3051c719a8714035 Sha256: bf83690f77e26ddbe0fac7bd4de5dee044f3df51067050ad0cea6fe6ca907cd6
GET /app.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/app.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-d07c" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d63b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (53372), with no line terminators Size: 12945 Md5: 941d8618300f1675eef76913e2239e83 Sha1: fceb07ed63651200a717b35f8bbd9d368a9f5f66 Sha256: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0f0bbf4aa40b597c538daa3882b86a4608379e8f813f569accfda566ba956577 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6135 Cache-Control: max-age=171714 Date: Sat, 26 Nov 2022 16:01:10 GMT Etag: "63821c11-118" Expires: Mon, 28 Nov 2022 15:43:04 GMT Last-Modified: Sat, 26 Nov 2022 14:00:49 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 9a414ea815fd2afd8aec0b164f9bc4be Sha1: 47774ebd7acc4f2074560a12ea0b63a4e8a4a9e9 Sha256: 0f0bbf4aa40b597c538daa3882b86a4608379e8f813f569accfda566ba956577
GET /492.1669191633059.js HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/492.1669191633059.js FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7 104.18.36.105 HTTP/2 200 OK content-type: application/javascript date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify etag: W/"637dd7ff-37ac" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 11 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7562d4eb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (14252), with no line terminators Size: 5249 Md5: 5c36e7e78a56d7908b8d5fbe696753e4 Sha1: 9b046db3f1adbd789c60886ab0c699b239821b8c Sha256: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: ea2bde9f9a3768859d584c6b948ae9d1f4e492382e496c564abf95ba3018e6a7 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 31170 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=34923 content-disposition: inline; filename="prize_champions-league_2x.webp" etag: "6357d318-886b" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bbdb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31170 Md5: 2b5870e66cb3abbeccbe7db8021297b1 Sha1: a0ff1ad6f14af2ea2fd45dfe221c366b0d8d7775 Sha256: ea2bde9f9a3768859d584c6b948ae9d1f4e492382e496c564abf95ba3018e6a7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 24224 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=26094 content-disposition: inline; filename="prize_holidays_2x.webp" etag: "6357d318-65ee" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 699084 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bbeb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 24224 Md5: 208c02c90f77e71efcb51f01ded20311 Sha1: 93e27e93b19fc20415294b4e91c6a6969833a3f7 Sha256: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94
GET /index.1669191633059.css HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/index.1669191633059.css FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 45f262ab4c96ca29e5efd61af073853e4e2b58ef293050b6071f8029f7b66e15 104.18.36.105 HTTP/2 200 OK content-type: text/css date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=25491 etag: W/"637dd7ff-6393" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7563d64b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25477), with no line terminators Size: 181740 Md5: 0b3ea2195ebe32709f5fbd5636e0167b Sha1: 898504d00f39d3449fe2a06f826d314eb47a8b77 Sha256: 45f262ab4c96ca29e5efd61af073853e4e2b58ef293050b6071f8029f7b66e15
GET /sprite.1669191633059.css HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/sprite.1669191633059.css FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a 104.18.36.105 HTTP/2 200 OK content-type: text/css date: Sat, 26 Nov 2022 16:01:10 GMT cf-bgj: minify cf-polished: origSize=5063 etag: W/"637dd7ff-13c7" last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7563d67b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (5055), with no line terminators Size: 17797 Md5: c01f6cca26faabaee983e374feb11a60 Sha1: 658004d57306f2e77b37593dbcfcc081dd58cf1d Sha256: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a
GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-steps.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 27ccfda9e1fc590b8630c0d3e1f432da93c82ede9378fe2530ba1cce84d1e63f 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 218568 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=246593 content-disposition: inline; filename="decor_under-steps.webp" etag: "6357d318-3c341" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7595bc9b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 218568 Md5: 5a40cfa500a5735b69c40699ac055899 Sha1: 7a832ee76d32993579f067b12354f4913e4b2998 Sha256: 27ccfda9e1fc590b8630c0d3e1f432da93c82ede9378fe2530ba1cce84d1e63f
GET /landings/rabona/web_components/decor/world-cup-landing/decor_shape-under-prizes.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: W/"6357d318-412" access-control-allow-origin: * cf-cache-status: HIT age: 703836 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7594bb2b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 29464 Md5: 64bdb9cd99d14d35c3bee7672d4a1c78 Sha1: d0b9b1e43203a5f7ceabb2e37eaec5b92e6f7e29 Sha256: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209
GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/bg/w (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 143a981873ee828840e10ed944af31149a0f72a76e7dbaceda6ab67dab5dbfa0 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 363844 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=387867 content-disposition: inline; filename="offer_bg.webp" etag: "6357d31d-5eb1b" last-modified: Tue, 25 Oct 2022 12:14:21 GMT vary: Accept cf-cache-status: HIT age: 703836 accept-ranges: bytes server: cloudflare cf-ray: 7703d7596bcbb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 363844 Md5: 2f40d7ff017e57aebb72a41a54069669 Sha1: 85eb63ee1c8447059e68d32be2524a76bd7db83a Sha256: 143a981873ee828840e10ed944af31149a0f72a76e7dbaceda6ab67dab5dbfa0
GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 26798 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-68ae" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c98b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 26798 Md5: 4b715beb3b07e6ef7121e75e6eb17841 Sha1: 559f56493de681788e9177bcc93025b67d326cb5 Sha256: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19
GET /landings/rabona/web_components/images/world-cup-prizes/prize_bitcoit_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 2fa83cad0ab5404b29c9736a1e19ce6c529dcd1f2884ed819c8ab73bfa3c97fb 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 188138 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-2deea" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c99b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 188138 Md5: fb32d198244f858d040d39097f390e83 Sha1: da9beb8b020f3c3ae8a6576d6b7e8f9b5c1751e1 Sha256: 2fa83cad0ab5404b29c9736a1e19ce6c529dcd1f2884ed819c8ab73bfa3c97fb
GET /landings/rabona/web_components/images/world-cup-prizes/prize_official-shirts_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 29558 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-7376" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c9ab4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29558 Md5: b334a21c602eab15a2497f6ca0c5814e Sha1: 246f5bd92aac1f6fceaa936da05747348f99a946 Sha256: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7
GET /landings/rabona/web_components/images/world-cup-prizes/prize_iphone-rabona_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 3ed5e7c864dc2b08549fde9df2f526a3c00b223515083e97843a19c125d63770 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 16698 last-modified: Tue, 25 Oct 2022 12:14:21 GMT etag: "6357d31d-413a" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a2c9eb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 16698 Md5: b78e3a413988d60fd6966556f291857a Sha1: 25bf1c21b48a26e0adc50b4f0c2792d99539e6df Sha256: 3ed5e7c864dc2b08549fde9df2f526a3c00b223515083e97843a19c125d63770
GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.webp HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/imag (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 44816 last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: "6357d318-af10" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a1c96b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 44816 Md5: 56b4cdef4512497f7e54c28ec6a648e6 Sha1: b9acaeb583debe36cd5f5555e4a2bf5bf452c36b Sha256: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce
GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.avif HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/bg/w (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 7bdcd9fc0b5fa6b2e935b64f753544187cf4f36337d2631e5dc28b929728f12a 104.16.151.45 HTTP/2 200 OK content-type: application/octet-stream date: Sat, 26 Nov 2022 16:01:10 GMT content-length: 382139 last-modified: Tue, 25 Oct 2022 12:14:16 GMT etag: "6357d318-5d4bb" access-control-allow-origin: * cf-cache-status: HIT age: 703836 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7703d75a2ca0b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, AVIF Image\012- data Size: 382139 Md5: 2b3c4044f4585347634b3ae11e03e6d4 Sha1: 8fdb7ea564e06de5353352514d8d694f36d270d8 Sha256: 7bdcd9fc0b5fa6b2e935b64f753544187cf4f36337d2631e5dc28b929728f12a
GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-main-banner.png HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/deco (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947 104.16.151.45 HTTP/2 200 OK content-type: image/webp date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 323484 access-control-allow-origin: * cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=371796 content-disposition: inline; filename="decor_under-main-banner.webp" etag: "6357d318-5ac54" last-modified: Tue, 25 Oct 2022 12:14:16 GMT vary: Accept cf-cache-status: HIT age: 703837 accept-ranges: bytes server: cloudflare cf-ray: 7703d75d08a4b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 323484 Md5: bfebd07818ed68b63c66825c7467a5f5 Sha1: 6bba5424e27e69358f09b987f5b6852a293a9589 Sha256: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947
GET /no/api/v2/page/item/rbnwc-info-page-tournament HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 0067ded95f40bd5f8fd7648395f1253eb064a7396d7c82ce9ea87780e89449df 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-981b622b-3185-41fb-80d1-2883b2df9df1 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:50:20 GMT cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b4c10b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , Unicode text, UTF-8 text, with very long lines (10867), with no line terminators Size: 152993 Md5: c53f51b0ee2b9749f3368fbb171e232f Sha1: 89675c9f22b392ee096edfe8389e05a9b23b0a4b Sha256: 0067ded95f40bd5f8fd7648395f1253eb064a7396d7c82ce9ea87780e89449df
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-768.mp4?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f 104.16.151.45 HTTP/2 206 Partial Content content-type: video/mp4 date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 864243 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-d2ff3" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-864242/864243 server: cloudflare cf-ray: 7703d75dc9bdb4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 864243 Md5: b39ebad3480f40d75720ddca7251fe89 Sha1: eae540c150999d46470d61f1c5927387b640383e Sha256: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.mp4?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: e5aaa106fc828edbc01a521863194522d43ef744a8769827b005df4904bd3d0c 104.16.151.45 HTTP/2 206 Partial Content content-type: video/mp4 date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 608540 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-9491c" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-608539/608540 server: cloudflare cf-ray: 7703d75dc9c9b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 608540 Md5: f246b917c1518b3675002ef5517f7e46 Sha1: 32998b34ba8333305713fe3a2cd4dd585b63b6d0 Sha256: e5aaa106fc828edbc01a521863194522d43ef744a8769827b005df4904bd3d0c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /landings/rabona/web_components/steps/world-cup/wcstep_underline_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 2a71b57e97580303aa95b64ee167d4667b67dd2435183baf16f92912e4dd9fc2 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 14:45:10 GMT etag: W/"636bbcf6-a5" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d18c1b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1551253 Md5: 3c60ee68be172ed9dbeb309325c017db Sha1: 9b99256ea1cba30ea57312e69ce343fea2e37bb9 Sha256: 2a71b57e97580303aa95b64ee167d4667b67dd2435183baf16f92912e4dd9fc2
GET /no/api/v2/game-events-feed/feed?category=worldcup&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/game-events-feed/fee (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-9ba55ae3-c7f4-4e6b-992f-ab1943dc0460 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:50:32 GMT cf-cache-status: HIT age: 36 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75a2ab5b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (16980), with no line terminators Size: 2463 Md5: 07db1d5e1a37c7315acd1dc2c2d2dbf3 Sha1: 8001af2e1b482cbd1c01186ffe412235ffa775ec Sha256: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:53:49 GMT expires: Thu, 23 Nov 2023 18:53:49 GMT cache-control: public, max-age=31536000 age: 248842 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 14:07:32 GMT expires: Thu, 23 Nov 2023 14:07:32 GMT cache-control: public, max-age=31536000 age: 266019 last-modified: Wed, 11 May 2022 19:24:45 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size: 15920 Md5: 3a44e06eb954b96aa043227f3534189d Sha1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15700 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:51:51 GMT expires: Thu, 23 Nov 2023 18:51:51 GMT cache-control: public, max-age=31536000 age: 248960 last-modified: Tue, 19 Apr 2022 18:51:55 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data Size: 15700 Md5: 3d7f7413fca69bff4d231ebdc50aaab0 Sha1: cb18e7943b6a8a0e3672d7242197c19a226b92e8 Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 19:34:08 GMT expires: Thu, 23 Nov 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 246423 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /no/api/v2/page/item/rbnwc-info-page-prizes HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 HASH: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-81849977-f553-4a0d-9d29-478effe68c94 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:40:54 GMT cf-cache-status: HIT age: 593 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b5c18b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (5179), with no line terminators Size: 16550 Md5: 22dfe7d55f1caf69f2d48bb5f7031cae Sha1: df7b3daf19aeb57a1b695c7b93ae4a72847808b8 Sha256: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rbnwc.lpmediastorage.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15660 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 22 Nov 2022 22:17:43 GMT expires: Wed, 22 Nov 2023 22:17:43 GMT cache-control: public, max-age=31536000 age: 323008 last-modified: Tue, 19 Apr 2022 18:42:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data Size: 15660 Md5: d7b0b953a50fddaa88089b5b787cf719 Sha1: 2f85bc568b27659a3d6452f58f9fd7678450326d Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 16:01:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-1_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 3aba8fdddfdd114048b94630241de62d73dbdda138f6cecccf08f638d8ba8349 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-451" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d18c5b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1005 Md5: b18c8e0c42776725502d54b1df4a7ec6 Sha1: f89e89840ca20ea083c3f2846809afbb7ddab9ea Sha256: 3aba8fdddfdd114048b94630241de62d73dbdda138f6cecccf08f638d8ba8349
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6783 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 16:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9011 x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLUfPHzAoAMF4ow= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: BhDa2CHAFtN7I8edeVOkRMzIRzmRPgHHnk1W_W5oZnRjaFN2vqze2g== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:48:49 GMT age: 65542 etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9011 Md5: d30923b7d20eeb37527255c3ee1da34f Sha1: bed54bd4f659fbf29834b262e9179df7e7bc56a6 Sha256: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9049 x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVGHzKoAMFSuA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:43:36 GMT age: 65855 etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9049 Md5: c8dc4b8a7e9f7f4f84f0da568b43392b Sha1: 3d32bff85cb7ec118c4496d0c3802829fdc9af3b Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15818 x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLXrUF3bIAMF8CA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:33:09 GMT etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8" age: 62882 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15818 Md5: 17ebe470d040a6ea8c57e9b9d4f4e828 Sha1: 1ac7a410cd4f3709f476c776dd5646dd982dcfa8 Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /landings/rabona/preloader.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: joxi.imgsrcdata.com/landings/rabona/preloader.svg FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Fri, 11 Mar 2022 15:53:11 GMT etag: W/"622b7067-1013" access-control-allow-origin: * cf-cache-status: HIT age: 957077 vary: Accept-Encoding server: cloudflare cf-ray: 7703d758caffb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10881 Md5: 2753376a8ae9eec160e6279dd45b6275 Sha1: 5f7c2ac117c5ab0295c6d95f2a3f05f09b00751a Sha256: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3502 x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYUHO5IAMFqDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 07:13:26 GMT age: 31665 etag: "61f9bed607e81606be78285596acdc5e0e4f4994" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3502 Md5: a783df85f30f9c555f9df6b99f61744d Sha1: 61f9bed607e81606be78285596acdc5e0e4f4994 Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 05:04:28 GMT age: 39403 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 46b3bb54d40a80df33a8e98a7f3308619d8ef4753a56ce1bace9a2ca115921f4 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 755529 last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: "636bae77-b8749" access-control-allow-origin: * cf-cache-status: HIT age: 593129 content-range: bytes 0-755528/755529 server: cloudflare cf-ray: 7703d760ad12b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 755529 Md5: 1128fbc6daaae24fe30316a6ca11bf77 Sha1: 99cc50e9b5dbee694b8f5eb172824300221fa221 Sha256: 46b3bb54d40a80df33a8e98a7f3308619d8ef4753a56ce1bace9a2ca115921f4
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-a5f" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d694ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2911420 Md5: 7ef379a79affdbc5fbc3e7c0063b25ee Sha1: 9d21af4712fc475d38c0df4a5a80e045af574efd Sha256: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-1280.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 262619667c85f999279f6c5ed815fbae640f70ee9092b89360f1e0cf8e22aa01 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 1651357 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-19329d" access-control-allow-origin: * cf-cache-status: HIT age: 703837 content-range: bytes 0-1651356/1651357 server: cloudflare cf-ray: 7703d7609cf0b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 1651357 Md5: 5460627cbccc6ed993a0de5ef799d4b9 Sha1: 385e50136075f6bede3b784d4c6afce95fabf1d6 Sha256: 262619667c85f999279f6c5ed815fbae640f70ee9092b89360f1e0cf8e22aa01
GET /landings/rabona/video/world-cup/wc-animation_breakpoint-2560-1920.webm?v=3 HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/video/world-cup/wc- (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 HASH: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89 104.16.151.45 HTTP/2 206 Partial Content content-type: video/webm date: Sat, 26 Nov 2022 16:01:11 GMT content-length: 2235588 last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: "636bae72-221cc4" access-control-allow-origin: * cf-cache-status: HIT age: 593129 content-range: bytes 0-2235587/2235588 server: cloudflare cf-ray: 7703d7609ce7b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 2235588 Md5: c66dc4b10e91273f6ed1eab4a4c4f8ed Sha1: e95de947d878f94fc6e822e12fb2de60cf4109aa Sha256: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /dimg/team/1643980747480_senegal.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1643980747480_senegal.png FQDN: rabona.com IP: 45.8.106.46 HASH: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 3432 cf-bgj: imgq:85,h2pri cf-polished: status=not_needed content-security-policy: block-all-mixed-content etag: "9ba943420d8e4526171502f6a18fdf33" last-modified: Fri, 04 Feb 2022 13:19:07 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF1D361AA x-conv-cache-status: HIT x-front-cache-status: HIT x-xss-protection: 1; mode=block cf-cache-status: HIT age: 1387627 accept-ranges: bytes server: cloudflare cf-ray: 7703d762ec8cb527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data Size: 3432 Md5: 9ba943420d8e4526171502f6a18fdf33 Sha1: 22b45e3a20c8fd228d38ccd92d7cb1075f34e559 Sha256: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4048 Cache-Control: max-age=110969 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:50:41 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F6FD) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1950 Cache-Control: max-age=108870 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:15:42 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /dimg/team/1667224821895_1280pxflagofghana.svg.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1667224821895_1280pxflagofghana.svg.png FQDN: rabona.com IP: 45.8.106.46 HASH: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 5700 cf-bgj: imgq:85,h2pri cf-polished: origSize=5830, status=vary_header_present content-security-policy: block-all-mixed-content etag: "01eef8c9bf62a95eead0b44f96c9eb04" last-modified: Mon, 31 Oct 2022 14:00:21 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17259EEFDB5DE05D x-conv-cache-status: HIT x-front-cache-status: MISS x-xss-protection: 1; mode=block cf-cache-status: HIT age: 1063281 accept-ranges: bytes server: cloudflare cf-ray: 7703d762ec83b527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1280 x 853, 8-bit colormap, non-interlaced\012- data Size: 5700 Md5: b90ee45164d3c59611c10b99fedfa049 Sha1: d9c7f2841aa2b12b2bc8056d7c0a2a0ad475953c Sha256: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953
GET /dimg/team/1669401279135_flagoftunisia.svg.png HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1669401279135_flagoftunisia.svg.png FQDN: rabona.com IP: 45.8.106.46 HASH: cf5dbfc0fee120aeca579e1c52158d980899aacb3016d5d8aa892cd6cabad2e8 45.8.106.46 HTTP/2 200 OK content-type: image/png date: Sat, 26 Nov 2022 16:01:12 GMT content-length: 61818 cf-bgj: imgq:85,h2pri cf-polished: origSize=62053, status=vary_header_present content-security-policy: block-all-mixed-content etag: "fff80b663b71b53a88f114d1ea46807b" last-modified: Fri, 25 Nov 2022 18:34:39 GMT vary: Origin, Accept-Encoding x-amz-request-id: 172AEFFC8709A317 x-conv-cache-status: HIT x-front-cache-status: HIT x-xss-protection: 1; mode=block cf-cache-status: HIT age: 67790 accept-ranges: bytes server: cloudflare cf-ray: 7703d762fc9bb527-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data Size: 61818 Md5: daf66d5070c570b200260ff1db911b26 Sha1: a8a8eb9e0d6287216290d2c1b2f14abb9a394694 Sha256: cf5dbfc0fee120aeca579e1c52158d980899aacb3016d5d8aa892cd6cabad2e8
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3364 Cache-Control: max-age=110285 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 22:39:17 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5051 Cache-Control: max-age=111971 Date: Sat, 26 Nov 2022 16:01:12 GMT Etag: "638136f1-118" Expires: Sun, 27 Nov 2022 23:07:23 GMT Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 45d3829581c890b944f2c7e10e56d881 Sha1: c330786685c2871172d201b734b6684becc19906 Sha256: b073e8f48efbe5a4dd90205ffbfc02d02bdc06b5263f7776e549a72c7d5ca79a
GET /no/api/v2/lang/translation HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/lang/translation FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-0914c785-8d4b-440a-bab3-15fbf61c1b44 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 16:00:21 GMT cf-cache-status: HIT age: 49 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75a2aadb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/netherlands.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/netherlands.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"e53fc83f569b904b5b883c87a37b5607" last-modified: Mon, 23 Aug 2021 17:59:40 GMT vary: Origin, Accept-Encoding x-amz-request-id: 170135A072BE1B5F x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1387627 server: cloudflare cf-ray: 7703d762fc8db527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_visa.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-e95" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d762f884b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_postepay.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-26b7" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763f9b8b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611070661_por.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611070661_por.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"3e907ae18a94e609e4b57f70ece34f35" last-modified: Wed, 16 Nov 2022 15:04:30 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3010817B x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec80b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611167363_cmrn.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611167363_cmrn.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b7131391313c2a47343e321a396366b6" last-modified: Wed, 16 Nov 2022 15:06:07 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30E4A5FB x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7cb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611699912_mo.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611699912_mo.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"41cae12f02c3c035a6e40bdd2bfbb5bf" last-modified: Wed, 16 Nov 2022 15:14:59 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D2F79346E x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cb2b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_banktransfer.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-2efc" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a14b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_litecoin.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-c3c" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7644a20b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/page/item/rbnwc-info-page-promo HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/page/item/rbnwc-info (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-c566f214-6208-444a-8174-85e418fcfe2b x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 16:01:01 GMT cf-cache-status: HIT age: 9 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b5c16b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_default.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:14 GMT etag: W/"636bae72-f1a" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d896ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_cartasi.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-2466" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763089bb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_ecopayz.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-1771" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76419ddb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611337887_bel.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611337887_bel.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"a8e60e6d6ba2b86740fd5e9a8d5b2bd9" last-modified: Wed, 16 Nov 2022 15:08:57 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3008C185 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e1bb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_interac.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Wed, 06 Jul 2022 14:21:26 GMT etag: W/"62c59a66-32bc" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d763f9bbb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611759307_mx.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611759307_mx.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"78a506ed9f0592c91389bc71e183eb81" last-modified: Wed, 16 Nov 2022 15:15:59 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496AE07C1C x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e19b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47 (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: text/html date: Sat, 26 Nov 2022 16:01:10 GMT last-modified: Wed, 23 Nov 2022 08:21:19 GMT vary: Accept-Encoding cf-cache-status: MISS expires: Sat, 26 Nov 2022 20:01:10 GMT cache-control: public, max-age=14400 server: cloudflare cf-ray: 7703d7552c24b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611673222_cr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611673222_cr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"d70b83d15bec9f4ee6e32f5a16c23320" last-modified: Wed, 16 Nov 2022 15:14:33 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30A0BE75 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/icon/list?category=landing-licenses&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/icon/list?category=l (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-1d5b1a56-da1f-41cf-93f3-eaadaf755d72 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:43:25 GMT cf-cache-status: HIT age: 461 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b7c33b527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611119507_uy.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611119507_uy.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"8009c4f010b949c65e70b06b2989c09e" last-modified: Wed, 16 Nov 2022 15:05:19 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3377B439 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec81b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611711325_au.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611711325_au.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"1a50ab86dddf696e092e652181571d7e" last-modified: Wed, 16 Nov 2022 15:15:11 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30EE96FA x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630ca6b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611815388_dk.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611815388_dk.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"2c078b26e453e344b02d028fcbd4a629" last-modified: Wed, 16 Nov 2022 15:16:55 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3071F2F5 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630ca8b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611653436_de.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668611653436_de.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b5aa958e4ae9e8029a1e03c19514f5bf" last-modified: Wed, 16 Nov 2022 15:14:13 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D32F8C98D x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7643e1cb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_ethereum.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-14ee" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a17b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668601370505_arg.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rabona.com/dimg/team/1668601370505_arg.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"65b662ea0607d3781ba130ca56463d51" last-modified: Wed, 16 Nov 2022 12:22:50 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1728169B1F6F2740 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 867380 server: cloudflare cf-ray: 7703d762ec77b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-f1c" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d8971b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668613878666_cr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668613878666_cr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"3eea5c265f7628a6b13c509adf4a1fa1" last-modified: Wed, 16 Nov 2022 15:51:18 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D331F67DD x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec8ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_mastercard.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-1b34" access-control-allow-origin: * cf-cache-status: HIT age: 847995 vary: Accept-Encoding server: cloudflare cf-ray: 7703d762f88ab4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668610639901_us.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668610639901_us.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"f9dcba64e77b89ca58c716938ffc16a1" last-modified: Wed, 16 Nov 2022 14:57:19 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30EA38F7 x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762fc9ab527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_jeton.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Thu, 02 Dec 2021 12:30:12 GMT etag: W/"61a8bc54-154d" access-control-allow-origin: * cf-cache-status: HIT age: 847995 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7646a5cb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611012743_rs.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611012743_rs.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"b0d2957d29d1bd475b5c28aa5680d14b" last-modified: Wed, 16 Nov 2022 15:03:32 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D3023C03B x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7db527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_active.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/landings/rabona/web_components/step (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Wed, 09 Nov 2022 13:43:19 GMT etag: W/"636bae77-a61" access-control-allow-origin: * cf-cache-status: HIT age: 703837 vary: Accept-Encoding server: cloudflare cf-ray: 7703d75d694bb4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611881437_jp.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611881437_jp.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"07f5419b045afa9c776cf8431469c972" last-modified: Wed, 16 Nov 2022 15:18:01 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30F42CCD x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec89b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/wales.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/wales.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"d2c365be887ee592c10229e3cef43eff" last-modified: Mon, 23 Aug 2021 17:59:40 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701232DEA64AFEF x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1063281 server: cloudflare cf-ray: 7703d762fc92b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_mifinity.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:11 GMT etag: W/"60102d13-2163" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7644a26b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611744819_pl.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611744819_pl.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"4beb1bf287261c3d403f083895eb2436" last-modified: Wed, 16 Nov 2022 15:15:44 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496E147CAF x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cafb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611031408_br.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611031408_br.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"cec2e1e57c4c996b857c65bef3df0b6a" last-modified: Wed, 16 Nov 2022 15:03:51 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30208D22 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec7eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Roboto+Condensed:400,400i,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto+Condensed:400,40 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 16:01:10 GMT date: Sat, 26 Nov 2022 16:01:10 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /no/api/v2/icon/list?category=footer-payments&count=100 HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/no/api/v2/icon/list?category=f (...) FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 16:01:10 GMT access-control-allow-origin: * cache-control: public, max-age=14400 vary: Accept-Encoding access-control-expose-headers: X-Device-Type,X-Device-Name request-id: feapi-d9f87325-cde0-4732-ab2d-b02eb5a6e266 x-device-name: Other x-device-type: desktop x-xss-protection: 1; mode=block x-cache-status: MISS last-modified: Sat, 26 Nov 2022 15:40:55 GMT cf-cache-status: HIT age: 593 expires: Sat, 26 Nov 2022 20:01:10 GMT server: cloudflare cf-ray: 7703d75b6c2fb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611102820_kr.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611102820_kr.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"151ff3dff78959bdf5d319d1ccce20f5" last-modified: Wed, 16 Nov 2022 15:05:02 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D30F6F337 x-xss-protection: 1; mode=block x-conv-cache-status: MISS x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762ec82b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /favicon.ico HTTP/1.1 Host: rbnwc.lpmediastorage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rbnwc.lpmediastorage.com/favicon.ico FQDN: rbnwc.lpmediastorage.com IP: 104.18.36.105 104.18.36.105 HTTP/2 200 OK content-type: image/x-icon date: Sat, 26 Nov 2022 16:01:11 GMT last-modified: Thu, 10 Nov 2022 10:46:09 GMT etag: W/"636cd671-3a6" cf-cache-status: HIT age: 512 expires: Sat, 26 Nov 2022 20:01:11 GMT cache-control: public, max-age=14400 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76059adb527-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/france.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/france.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"2f9befe94ef9076d58b0a2ae38e1a025" last-modified: Mon, 23 Aug 2021 17:59:39 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17011B8BDC34D822 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 933280 server: cloudflare cf-ray: 7703d762fc9eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668611849022_sa.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668611849022_sa.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"edd99f9074e52aaa9e704672d6a38a54" last-modified: Wed, 16 Nov 2022 15:17:29 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C496A7F063B x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d7630cb0b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_neosurf.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-db1" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d76429f9b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Roboto:wght@400;500;70 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 16:01:10 GMT date: Sat, 26 Nov 2022 16:01:10 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1653981614751_flagofqatar-1.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1653981614751_flagofqatar-1.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"5bb5a068449de059e23908479a70ef42" last-modified: Tue, 31 May 2022 07:20:14 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF15CB85F x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 938485 server: cloudflare cf-ray: 7703d762fc8eb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1653981171283_1280pxflagofiran-1.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1653981171283_1280pxflagofiran-1.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"4d4609d3ab43f2c54c689a5937df05e2" last-modified: Tue, 31 May 2022 07:12:51 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1701B83DF17555A5 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: HIT cf-cache-status: HIT age: 1063281 server: cloudflare cf-ray: 7703d762fc97b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1633594561146_ecuador2.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1633594561146_ecuador2.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"94317befb597bfc7cbe5a664dbe34afd" last-modified: Thu, 07 Oct 2021 08:16:01 GMT vary: Origin, Accept-Encoding x-amz-request-id: 1700F12C6910986D x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 1387627 server: cloudflare cf-ray: 7703d762ec8bb527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /dimg/team/1668613854808_eng.svg HTTP/1.1 Host: rabona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: rabona.com/dimg/team/1668613854808_eng.svg FQDN: rabona.com IP: 45.8.106.46 45.8.106.46 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT content-security-policy: block-all-mixed-content etag: W/"88faab9969508f016f86cbbc328dbce7" last-modified: Wed, 16 Nov 2022 15:50:54 GMT vary: Origin, Accept-Encoding x-amz-request-id: 17281C4D303758E3 x-xss-protection: 1; mode=block x-conv-cache-status: HIT x-front-cache-status: MISS cf-cache-status: HIT age: 862791 server: cloudflare cf-ray: 7703d762fc96b527-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_footer_neteller.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Tue, 26 Jan 2021 14:54:16 GMT etag: W/"60102d18-af8" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a10b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /content-svg/payments-footer/rabona/paymsystem_bitcoin.svg HTTP/1.1 Host: joxi.imgsrcdata.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rbnwc.lpmediastorage.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: joxi.imgsrcdata.com/content-svg/payments-footer/rabona/ (...) FQDN: joxi.imgsrcdata.com IP: 104.16.151.45 104.16.151.45 HTTP/2 200 OK content-type: image/svg+xml date: Sat, 26 Nov 2022 16:01:12 GMT last-modified: Wed, 16 Jun 2021 09:33:13 GMT etag: W/"60c9c559-2085" access-control-allow-origin: * cf-cache-status: HIT age: 957079 vary: Accept-Encoding server: cloudflare cf-ray: 7703d7643a15b4f3-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (18)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.98.24.35

Last 5 reports on ASN: UAB Interneto vizija

Last 5 reports on domain: telefonica.site

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (127)

Overview

Domain Summary (18)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.98.24.35

Last 5 reports on ASN: UAB Interneto vizija

Last 5 reports on domain: telefonica.site

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (127)

Network Intrusion Detection Systems