Overview

URLtelefonica.site/ph/spin/globe/
IP 79.98.24.35 (Lithuania)
ASN#212531 UAB Interneto vizija
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-26 16:01:22 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-26 10:10:14 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.89.217.163
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-26 05:33:16 UTC 34.117.237.239
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-26 05:56:01 UTC 139.45.195.8
voices-kerence.com (1) 0 2020-04-20 12:32:36 UTC 2022-11-26 10:05:20 UTC 18.193.209.105 Unknown ranking
rbn-bc-7s.lptrak.com (1) 0 No data No data 23.36.79.43 Unknown ranking
rbnwc.lpmediastorage.com (15) 0 2022-11-18 12:30:24 UTC 2022-11-26 08:12:29 UTC 104.18.36.105 Domain (lpmediastorage.com) ranked at: 936145
whampamp.com (3) 30947 2022-03-12 13:52:24 UTC 2022-11-26 06:03:25 UTC 139.45.197.236
joxi.imgsrcdata.com (38) 0 2018-04-18 09:14:20 UTC 2022-11-26 08:33:17 UTC 104.16.151.45 Unknown ranking
telefonica.site (1) 0 2019-08-24 03:11:01 UTC 2022-11-26 06:01:04 UTC 79.98.24.35 Unknown ranking
ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-26 05:33:20 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
rabona.com (29) 470859 2016-07-06 07:41:41 UTC 2022-11-26 09:00:25 UTC 45.8.106.46
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-26 07:22:52 UTC 142.250.74.10

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-26 2 whampamp.com Sinkholed
2022-11-26 2 whampamp.com Sinkholed
2022-11-26 2 whampamp.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.98.24.35
Date UQ / IDS / BL URL IP
2022-12-07 22:15:19 +0000 0 - 0 - 1 media5.site/ 79.98.24.35
2022-12-07 07:15:25 +0000 0 - 0 - 1 media5.site/ 79.98.24.35
2022-12-05 09:29:20 +0000 0 - 0 - 3 media5.site/bg/fortune/vivacom/ 79.98.24.35
2022-12-05 05:45:30 +0000 0 - 0 - 2 media5.site/ph/env/globe/ 79.98.24.35
2022-12-05 05:45:17 +0000 0 - 0 - 2 media5.site/ph/env/globe 79.98.24.35


Last 5 reports on ASN: UAB Interneto vizija
Date UQ / IDS / BL URL IP
2023-01-31 07:25:24 +0000 0 - 0 - 1 joingrupwa.com/ 185.5.54.98
2023-01-31 05:01:54 +0000 0 - 0 - 4 tele10.site/m/th/ppt3/ 79.98.29.29
2023-01-31 03:39:30 +0000 0 - 12 - 0 archsia.com.tr/ 62.77.153.148
2023-01-31 02:57:19 +0000 0 - 6 - 3 tele-phones.site/th/bx/true/ 79.98.29.30
2023-01-31 01:59:17 +0000 0 - 8 - 3 tele-phones.site/my/bx/maxis/ 79.98.29.30


Last 5 reports on domain: telefonica.site
Date UQ / IDS / BL URL IP
2022-12-04 12:58:57 +0000 0 - 0 - 3 telefonica.site/ph/bx/globe/ 79.98.24.35
2022-12-04 12:58:56 +0000 0 - 0 - 4 telefonica.site/ph/bx/globe 79.98.24.35
2022-12-04 11:59:34 +0000 0 - 0 - 2 telefonica.site/dz/bx/nl/?key=eyJ0aW1lc3RhbXA (...) 79.98.24.35
2022-12-04 11:59:33 +0000 0 - 0 - 2 telefonica.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 79.98.24.35
2022-12-04 10:58:48 +0000 0 - 0 - 2 telefonica.site/bd/fortune/nl/?key=eyJ0aW1lc3 (...) 79.98.24.35


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-10 10:21:57 +0000 0 - 0 - 1 rouonixon.com/4/3714661/ 139.45.197.238
2022-12-05 07:44:15 +0000 0 - 0 - 2 ak.phumpauk.com/4/5108254 95.101.10.65
2022-12-02 04:32:04 +0000 0 - 0 - 2 nicevids.ru/?cnv_id=97f65oj374ka3dzd38 104.21.10.39
2022-11-26 12:27:21 +0000 0 - 0 - 2 inoradde.com/4326573/ 139.45.197.238
2022-11-26 09:10:25 +0000 0 - 0 - 2 trk.ago-gave-collect-jet.run/gg/adr?to=becrus (...) 172.67.191.58

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (127)


Request Response
                                        
                                            GET /ph/spin/globe/ HTTP/1.1 
Host: telefonica.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         79.98.24.35
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Sat, 26 Nov 2022 16:01:08 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3969
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 16:01:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3654
Cache-Control: max-age=156653
Date: Sat, 26 Nov 2022 16:01:09 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:02 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13966
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 16:01:09 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 15:17:32 GMT
cache-control: public,max-age=3600
age: 2617
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: YCFzlBdPi2tzWkDcl/iDjiXxU+0KlNVShGa2L6/Mc7mYNhTjHb7SaLwRC7idHe82sIW7keLlb9w=
x-amz-request-id: H2AD2N7Q4R1MSE4G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 15:44:17 GMT
age: 1012
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /4/5087048?var=ed2 HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Sat, 26 Nov 2022 16:01:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f91a99e94bac4d519d31f285cf7c8331
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406)
Size:   2954
Md5:    21c43bc930326f775e89bdc25c2cbe7d
Sha1:   6650d4627e69070b7b0fb37482465ac378628ca3
Sha256: 4677fe602c2c5e5e9082b82753f43d34c553b5edc083439f44e69e1521b04649

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 26 Nov 2022 16:01:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Sat, 26 Nov 2022 17:39:43 GMT
Date: Sat, 26 Nov 2022 16:01:09 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ed2
Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469

search
                                         139.45.197.236
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sat, 26 Nov 2022 16:01:09 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img.gif?f=merge&userId=2be49b473d934e2ca2331e348e2f5bc3 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sat, 26 Nov 2022 16:01:09 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 462
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; oaidts=1669478469
Upgrade-Insecure-Requests: 1

search
                                         139.45.197.236
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sat, 26 Nov 2022 16:01:09 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: f8c99511d87f8a97f84bb364f8282133
Link: <https://voices-kerence.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://voices-kerence.com/26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=2be49b473d934e2ca2331e348e2f5bc3; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ oaidts=1669478469; expires=Sun, 26 Nov 2023 16:01:09 GMT; path=/ syncedCookie=true; expires=Sat, 03 Dec 2022 16:01:09 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /26df10eb-34ec-4879-9dd6-7903ddd1b3d9?zoneid=5087048&bannerid=15819990&browser=firefox&os=windows&user_activity=high&zone_type={zone_type}&campaignid=6347981&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.003150&visitor_id=620400269049737758&rdk=rk3 HTTP/1.1 
Host: voices-kerence.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.193.209.105
HTTP/2 302 Found
                                        
server: nginx
date: Sat, 26 Nov 2022 16:01:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://rbn-bc-7s.lptrak.com/redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek
pragma: no-cache
set-cookie: 26df10eb-34ec-4879-9dd6-7903ddd1b3d9-v4=Z0SIQTFWaBohKVuzUYwRdMylwkiUyYMBGkafDc739WM; Max-Age=86400; Expires=Sun, 27-Nov-2022 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=1SyTkkDVtvYWB0xa5fI%2FHjgByJVvfzYZtKifrV5Ffe0nF2SFM3G1TvUErv6%2FhAXTRDT8zU57vj9AecfMgT7hRAyTlqu6Ez8X54Tg1%2BQxXsZ3y2DLMe19%2FwUzqjcpFrhRsZVV71%2FM121f2KKdki8Kdg%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 16:01:09 GMT; Domain=voices-kerence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:08:54 GMT
cache-control: public,max-age=3600
age: 3135
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2779
Cache-Control: max-age=150721
Date: Sat, 26 Nov 2022 16:01:09 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:53:10 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /redirect.aspx?pid=1360468&lpid=16823&bid=9057&clickid=w4g2d23s5gc9egoki37sivek HTTP/1.1 
Host: rbn-bc-7s.lptrak.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         23.36.79.43
HTTP/2 307 Temporary Redirect
content-type: text/html
                                        
content-length: 0
location: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 26 Nov 2022 16:01:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 26 Nov 2022 16:01:09 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1360468%2c%22BID%22%3a9057%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669478469869)%5c%2f%22%2c%22CookieTag%22%3a%2290571360468451240919C20221126161%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22546355988%7c1%22%7d%5d; domain=.lptrak.com; expires=Mon, 26-Nov-3021 16:01:09 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=67, cdn-cache; desc=MISS
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5872
Cache-Control: max-age=88669
Date: Sat, 26 Nov 2022 16:01:09 GMT
Etag: "6380d8b2-116"
Expires: Sun, 27 Nov 2022 16:38:58 GMT
Last-Modified: Fri, 25 Nov 2022 15:01:06 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /lang.1669191633059.js HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
etag: W/"637dd7ff-bb6"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7562d56b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2998), with no line terminators
Size:   2035
Md5:    a938bd4c1d665f7c53c4f92e6f5d6c36
Sha1:   53e5fb03642b6df7d16ddb3ab1cea67aa01ab3d1
Sha256: 4d904aa1225bc7f740fae13ef7b08d577a081eecf5b1619e96e91234bbfeea54
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C6Lf1lHjjCLE6uqpryWlNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.217.163
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SwYPX8A1YKsvjcBTBQQuFj1l/+Q=

                                        
                                            GET /942.1669191633059.js HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
cf-polished: origSize=424564
etag: W/"637dd7ff-67a74"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7562d60b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   139162
Md5:    4ffc71a18fb31896e715b05afdb38363
Sha1:   51bc8a91972df725c94dcf4b3051c719a8714035
Sha256: bf83690f77e26ddbe0fac7bd4de5dee044f3df51067050ad0cea6fe6ca907cd6
                                        
                                            GET /app.1669191633059.js HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
etag: W/"637dd7ff-d07c"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7562d63b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53372), with no line terminators
Size:   12945
Md5:    941d8618300f1675eef76913e2239e83
Sha1:   fceb07ed63651200a717b35f8bbd9d368a9f5f66
Sha256: c0da670484295db10313ea5e202d867b8b540862e826fcc804441ab568807893
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6135
Cache-Control: max-age=171714
Date: Sat, 26 Nov 2022 16:01:10 GMT
Etag: "63821c11-118"
Expires: Mon, 28 Nov 2022 15:43:04 GMT
Last-Modified: Sat, 26 Nov 2022 14:00:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /492.1669191633059.js HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
etag: W/"637dd7ff-37ac"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7562d4eb527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14252), with no line terminators
Size:   5249
Md5:    5c36e7e78a56d7908b8d5fbe696753e4
Sha1:   9b046db3f1adbd789c60886ab0c699b239821b8c
Sha256: 5f6a2645e7d97efe35c92935c7c0a83be8c21a369dc53342ccce2a541fd313b7
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.png HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 31170
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=34923
content-disposition: inline; filename="prize_champions-league_2x.webp"
etag: "6357d318-886b"
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
vary: Accept
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d7595bbdb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   31170
Md5:    2b5870e66cb3abbeccbe7db8021297b1
Sha1:   a0ff1ad6f14af2ea2fd45dfe221c366b0d8d7775
Sha256: ea2bde9f9a3768859d584c6b948ae9d1f4e492382e496c564abf95ba3018e6a7
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.png HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 24224
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=26094
content-disposition: inline; filename="prize_holidays_2x.webp"
etag: "6357d318-65ee"
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
vary: Accept
cf-cache-status: HIT
age: 699084
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d7595bbeb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   24224
Md5:    208c02c90f77e71efcb51f01ded20311
Sha1:   93e27e93b19fc20415294b4e91c6a6969833a3f7
Sha256: bdddc61dab64a211198a836fc2d6655321018f527e91055172b173fa2bee3e94
                                        
                                            GET /index.1669191633059.css HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
cf-polished: origSize=25491
etag: W/"637dd7ff-6393"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7563d64b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25477), with no line terminators
Size:   181740
Md5:    0b3ea2195ebe32709f5fbd5636e0167b
Sha1:   898504d00f39d3449fe2a06f826d314eb47a8b77
Sha256: 45f262ab4c96ca29e5efd61af073853e4e2b58ef293050b6071f8029f7b66e15
                                        
                                            GET /sprite.1669191633059.css HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
cf-bgj: minify
cf-polished: origSize=5063
etag: W/"637dd7ff-13c7"
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7563d67b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5055), with no line terminators
Size:   17797
Md5:    c01f6cca26faabaee983e374feb11a60
Sha1:   658004d57306f2e77b37593dbcfcc081dd58cf1d
Sha256: e8ac790ab987441d78fa8619c0a74d15876389a531cd49825f497ad2be2c527a
                                        
                                            GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-steps.png HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 218568
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=246593
content-disposition: inline; filename="decor_under-steps.webp"
etag: "6357d318-3c341"
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
vary: Accept
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d7595bc9b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   218568
Md5:    5a40cfa500a5735b69c40699ac055899
Sha1:   7a832ee76d32993579f067b12354f4913e4b2998
Sha256: 27ccfda9e1fc590b8630c0d3e1f432da93c82ede9378fe2530ba1cce84d1e63f
                                        
                                            GET /landings/rabona/web_components/decor/world-cup-landing/decor_shape-under-prizes.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
etag: W/"6357d318-412"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7594bb2b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29464
Md5:    64bdb9cd99d14d35c3bee7672d4a1c78
Sha1:   d0b9b1e43203a5f7ceabb2e37eaec5b92e6f7e29
Sha256: 276e3ff63b068e4e0b32e068b7ddccfa0f2716878323508e1187671758c07209
                                        
                                            GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.png HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 363844
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=387867
content-disposition: inline; filename="offer_bg.webp"
etag: "6357d31d-5eb1b"
last-modified: Tue, 25 Oct 2022 12:14:21 GMT
vary: Accept
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d7596bcbb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   363844
Md5:    2f40d7ff017e57aebb72a41a54069669
Sha1:   85eb63ee1c8447059e68d32be2524a76bd7db83a
Sha256: 143a981873ee828840e10ed944af31149a0f72a76e7dbaceda6ab67dab5dbfa0
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_holidays_2x.webp HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 26798
last-modified: Tue, 25 Oct 2022 12:14:21 GMT
etag: "6357d31d-68ae"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a1c98b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   26798
Md5:    4b715beb3b07e6ef7121e75e6eb17841
Sha1:   559f56493de681788e9177bcc93025b67d326cb5
Sha256: 653154cc70106fe67893c78971dd479512080eb38bdfa35e394c21f8ffb77b19
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_bitcoit_2x.webp HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 188138
last-modified: Tue, 25 Oct 2022 12:14:21 GMT
etag: "6357d31d-2deea"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a1c99b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   188138
Md5:    fb32d198244f858d040d39097f390e83
Sha1:   da9beb8b020f3c3ae8a6576d6b7e8f9b5c1751e1
Sha256: 2fa83cad0ab5404b29c9736a1e19ce6c529dcd1f2884ed819c8ab73bfa3c97fb
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_official-shirts_2x.webp HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 29558
last-modified: Tue, 25 Oct 2022 12:14:21 GMT
etag: "6357d31d-7376"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a1c9ab4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   29558
Md5:    b334a21c602eab15a2497f6ca0c5814e
Sha1:   246f5bd92aac1f6fceaa936da05747348f99a946
Sha256: c343dab054ae1fdecddee80f147d2ef2663ea1166ae27dacdbd066b883aa83a7
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_iphone-rabona_2x.webp HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 16698
last-modified: Tue, 25 Oct 2022 12:14:21 GMT
etag: "6357d31d-413a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a2c9eb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   16698
Md5:    b78e3a413988d60fd6966556f291857a
Sha1:   25bf1c21b48a26e0adc50b4f0c2792d99539e6df
Sha256: 3ed5e7c864dc2b08549fde9df2f526a3c00b223515083e97843a19c125d63770
                                        
                                            GET /landings/rabona/web_components/images/world-cup-prizes/prize_champions-league_2x.webp HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 44816
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
etag: "6357d318-af10"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a1c96b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   44816
Md5:    56b4cdef4512497f7e54c28ec6a648e6
Sha1:   b9acaeb583debe36cd5f5555e4a2bf5bf452c36b
Sha256: 32a336fb039d5e08ec954a9ba9e808e977a688fe283483745cec532ac50b49ce
                                        
                                            GET /landings/rabona/web_components/bg/world-cup-landing/offer_bg.avif HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
content-length: 382139
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
etag: "6357d318-5d4bb"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703836
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75a2ca0b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   382139
Md5:    2b3c4044f4585347634b3ae11e03e6d4
Sha1:   8fdb7ea564e06de5353352514d8d694f36d270d8
Sha256: 7bdcd9fc0b5fa6b2e935b64f753544187cf4f36337d2631e5dc28b929728f12a
                                        
                                            GET /landings/rabona/web_components/decor/world-cup-landing/decor_under-main-banner.png HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 323484
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=371796
content-disposition: inline; filename="decor_under-main-banner.webp"
etag: "6357d318-5ac54"
last-modified: Tue, 25 Oct 2022 12:14:16 GMT
vary: Accept
cf-cache-status: HIT
age: 703837
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d75d08a4b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   323484
Md5:    bfebd07818ed68b63c66825c7467a5f5
Sha1:   6bba5424e27e69358f09b987f5b6852a293a9589
Sha256: 9c7641676b6af62758d6932818c8e2a627b31b5b2f75d585735bccb8da86a947
                                        
                                            GET /no/api/v2/page/item/rbnwc-info-page-tournament HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-981b622b-3185-41fb-80d1-2883b2df9df1
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 15:50:20 GMT
cf-cache-status: HIT
age: 49
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75b4c10b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (10867), with no line terminators
Size:   152993
Md5:    c53f51b0ee2b9749f3368fbb171e232f
Sha1:   89675c9f22b392ee096edfe8389e05a9b23b0a4b
Sha256: 0067ded95f40bd5f8fd7648395f1253eb064a7396d7c82ce9ea87780e89449df
                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-768.mp4?v=3 HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 864243
last-modified: Wed, 09 Nov 2022 13:43:14 GMT
etag: "636bae72-d2ff3"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
content-range: bytes 0-864242/864243
server: cloudflare
cf-ray: 7703d75dc9bdb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   864243
Md5:    b39ebad3480f40d75720ddca7251fe89
Sha1:   eae540c150999d46470d61f1c5927387b640383e
Sha256: 158da18f61b743741968888656b5f22aae265f3063232316b278eda63903294f
                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.mp4?v=3 HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 608540
last-modified: Wed, 09 Nov 2022 13:43:14 GMT
etag: "636bae72-9491c"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
content-range: bytes 0-608539/608540
server: cloudflare
cf-ray: 7703d75dc9c9b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   608540
Md5:    f246b917c1518b3675002ef5517f7e46
Sha1:   32998b34ba8333305713fe3a2cd4dd585b63b6d0
Sha256: e5aaa106fc828edbc01a521863194522d43ef744a8769827b005df4904bd3d0c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 16:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_underline_default.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 14:45:10 GMT
etag: W/"636bbcf6-a5"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d18c1b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1551253
Md5:    3c60ee68be172ed9dbeb309325c017db
Sha1:   9b99256ea1cba30ea57312e69ce343fea2e37bb9
Sha256: 2a71b57e97580303aa95b64ee167d4667b67dd2435183baf16f92912e4dd9fc2
                                        
                                            GET /no/api/v2/game-events-feed/feed?category=worldcup&count=100 HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-9ba55ae3-c7f4-4e6b-992f-ab1943dc0460
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 15:50:32 GMT
cf-cache-status: HIT
age: 36
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75a2ab5b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (16980), with no line terminators
Size:   2463
Md5:    07db1d5e1a37c7315acd1dc2c2d2dbf3
Sha1:   8001af2e1b482cbd1c01186ffe412235ffa775ec
Sha256: 5f5d4c13f72bb6e275b4530936b9a12b0eae3b614c2c3b9a88dda4a735d84049
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbnwc.lpmediastorage.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 248842
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 16:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 16:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbnwc.lpmediastorage.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 266019
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbnwc.lpmediastorage.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:51 GMT
expires: Thu, 23 Nov 2023 18:51:51 GMT
cache-control: public, max-age=31536000
age: 248960
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 16:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbnwc.lpmediastorage.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 246423
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /no/api/v2/page/item/rbnwc-info-page-prizes HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-81849977-f553-4a0d-9d29-478effe68c94
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 15:40:54 GMT
cf-cache-status: HIT
age: 593
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75b5c18b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5179), with no line terminators
Size:   16550
Md5:    22dfe7d55f1caf69f2d48bb5f7031cae
Sha1:   df7b3daf19aeb57a1b695c7b93ae4a72847808b8
Sha256: c2750bcce3e0a87e91fd1b4f66000bd9c843fde06b3bdc1cfee3b1f7567c0bf8
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbnwc.lpmediastorage.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:17:43 GMT
expires: Wed, 22 Nov 2023 22:17:43 GMT
cache-control: public, max-age=31536000
age: 323008
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 16:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-1_active.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 13:43:19 GMT
etag: W/"636bae77-451"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d18c5b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1005
Md5:    b18c8e0c42776725502d54b1df4a7ec6
Sha1:   f89e89840ca20ea083c3f2846809afbb7ddab9ea
Sha256: 3aba8fdddfdd114048b94630241de62d73dbdda138f6cecccf08f638d8ba8349
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6783
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:01:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6783
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:01:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6783
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 16:01:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9011
x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfPHzAoAMF4ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BhDa2CHAFtN7I8edeVOkRMzIRzmRPgHHnk1W_W5oZnRjaFN2vqze2g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:49 GMT
age: 65542
etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9011
Md5:    d30923b7d20eeb37527255c3ee1da34f
Sha1:   bed54bd4f659fbf29834b262e9179df7e7bc56a6
Sha256: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 65855
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9049
Md5:    c8dc4b8a7e9f7f4f84f0da568b43392b
Sha1:   3d32bff85cb7ec118c4496d0c3802829fdc9af3b
Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
age: 62882
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15818
Md5:    17ebe470d040a6ea8c57e9b9d4f4e828
Sha1:   1ac7a410cd4f3709f476c776dd5646dd982dcfa8
Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
                                        
                                            GET /landings/rabona/preloader.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
last-modified: Fri, 11 Mar 2022 15:53:11 GMT
etag: W/"622b7067-1013"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957077
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d758caffb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10881
Md5:    2753376a8ae9eec160e6279dd45b6275
Sha1:   5f7c2ac117c5ab0295c6d95f2a3f05f09b00751a
Sha256: 0a7e66228a8ba6b90bbffcca4bc15c545f2426cd64742adf8d02ae406ef8c662
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 31665
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3502
Md5:    a783df85f30f9c555f9df6b99f61744d
Sha1:   61f9bed607e81606be78285596acdc5e0e4f4994
Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 39403
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-414-360.webm?v=3 HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 755529
last-modified: Wed, 09 Nov 2022 13:43:19 GMT
etag: "636bae77-b8749"
access-control-allow-origin: *
cf-cache-status: HIT
age: 593129
content-range: bytes 0-755528/755529
server: cloudflare
cf-ray: 7703d760ad12b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   755529
Md5:    1128fbc6daaae24fe30316a6ca11bf77
Sha1:   99cc50e9b5dbee694b8f5eb172824300221fa221
Sha256: 46b3bb54d40a80df33a8e98a7f3308619d8ef4753a56ce1bace9a2ca115921f4
                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_default.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 13:43:19 GMT
etag: W/"636bae77-a5f"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d694ab4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2911420
Md5:    7ef379a79affdbc5fbc3e7c0063b25ee
Sha1:   9d21af4712fc475d38c0df4a5a80e045af574efd
Sha256: a3c1481669e0bac714cc93a9d5c700f9b5307e2f7a401d0f36df21c1795294f3
                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-1280.webm?v=3 HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 1651357
last-modified: Wed, 09 Nov 2022 13:43:14 GMT
etag: "636bae72-19329d"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
content-range: bytes 0-1651356/1651357
server: cloudflare
cf-ray: 7703d7609cf0b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   1651357
Md5:    5460627cbccc6ed993a0de5ef799d4b9
Sha1:   385e50136075f6bede3b784d4c6afce95fabf1d6
Sha256: 262619667c85f999279f6c5ed815fbae640f70ee9092b89360f1e0cf8e22aa01
                                        
                                            GET /landings/rabona/video/world-cup/wc-animation_breakpoint-2560-1920.webm?v=3 HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
content-length: 2235588
last-modified: Wed, 09 Nov 2022 13:43:14 GMT
etag: "636bae72-221cc4"
access-control-allow-origin: *
cf-cache-status: HIT
age: 593129
content-range: bytes 0-2235587/2235588
server: cloudflare
cf-ray: 7703d7609ce7b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   2235588
Md5:    c66dc4b10e91273f6ed1eab4a4c4f8ed
Sha1:   e95de947d878f94fc6e822e12fb2de60cf4109aa
Sha256: 9186562b446a8dbb4282ba112d6689e01a4a27d214fcc15c507956e909b84e89
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5051
Cache-Control: max-age=111971
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 23:07:23 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /dimg/team/1643980747480_senegal.png HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-length: 3432
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
content-security-policy: block-all-mixed-content
etag: "9ba943420d8e4526171502f6a18fdf33"
last-modified: Fri, 04 Feb 2022 13:19:07 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1701B83DF1D361AA
x-conv-cache-status: HIT
x-front-cache-status: HIT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1387627
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d762ec8cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data
Size:   3432
Md5:    9ba943420d8e4526171502f6a18fdf33
Sha1:   22b45e3a20c8fd228d38ccd92d7cb1075f34e559
Sha256: ee1fb94a325d477b4fc58c93578acee4e496db605677dd4dc43ce18ac81e3acb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5051
Cache-Control: max-age=111971
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 23:07:23 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4048
Cache-Control: max-age=110969
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 22:50:41 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1950
Cache-Control: max-age=108870
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 22:15:42 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /dimg/team/1667224821895_1280pxflagofghana.svg.png HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-length: 5700
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5830, status=vary_header_present
content-security-policy: block-all-mixed-content
etag: "01eef8c9bf62a95eead0b44f96c9eb04"
last-modified: Mon, 31 Oct 2022 14:00:21 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17259EEFDB5DE05D
x-conv-cache-status: HIT
x-front-cache-status: MISS
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1063281
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d762ec83b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 853, 8-bit colormap, non-interlaced\012- data
Size:   5700
Md5:    b90ee45164d3c59611c10b99fedfa049
Sha1:   d9c7f2841aa2b12b2bc8056d7c0a2a0ad475953c
Sha256: cbc4b69f95132368976d8ba974136db920c78b7835ad649f88e40d0fd8fc7953
                                        
                                            GET /dimg/team/1669401279135_flagoftunisia.svg.png HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/png
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-length: 61818
cf-bgj: imgq:85,h2pri
cf-polished: origSize=62053, status=vary_header_present
content-security-policy: block-all-mixed-content
etag: "fff80b663b71b53a88f114d1ea46807b"
last-modified: Fri, 25 Nov 2022 18:34:39 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 172AEFFC8709A317
x-conv-cache-status: HIT
x-front-cache-status: HIT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 67790
accept-ranges: bytes
server: cloudflare
cf-ray: 7703d762fc9bb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size:   61818
Md5:    daf66d5070c570b200260ff1db911b26
Sha1:   a8a8eb9e0d6287216290d2c1b2f14abb9a394694
Sha256: cf5dbfc0fee120aeca579e1c52158d980899aacb3016d5d8aa892cd6cabad2e8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3364
Cache-Control: max-age=110285
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 22:39:17 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5051
Cache-Control: max-age=111971
Date: Sat, 26 Nov 2022 16:01:12 GMT
Etag: "638136f1-118"
Expires: Sun, 27 Nov 2022 23:07:23 GMT
Last-Modified: Fri, 25 Nov 2022 21:43:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /no/api/v2/lang/translation HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-0914c785-8d4b-440a-bab3-15fbf61c1b44
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 16:00:21 GMT
cf-cache-status: HIT
age: 49
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75a2aadb527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/netherlands.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"e53fc83f569b904b5b883c87a37b5607"
last-modified: Mon, 23 Aug 2021 17:59:40 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 170135A072BE1B5F
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 1387627
server: cloudflare
cf-ray: 7703d762fc8db527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_visa.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:11 GMT
etag: W/"60102d13-e95"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d762f884b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_postepay.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-26b7"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d763f9b8b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611070661_por.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"3e907ae18a94e609e4b57f70ece34f35"
last-modified: Wed, 16 Nov 2022 15:04:30 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D3010817B
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec80b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611167363_cmrn.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"b7131391313c2a47343e321a396366b6"
last-modified: Wed, 16 Nov 2022 15:06:07 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30E4A5FB
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: MISS
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec7cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611699912_mo.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"41cae12f02c3c035a6e40bdd2bfbb5bf"
last-modified: Wed, 16 Nov 2022 15:14:59 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D2F79346E
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7630cb2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_banktransfer.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:11 GMT
etag: W/"60102d13-2efc"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7643a14b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_litecoin.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-c3c"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7644a20b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/api/v2/page/item/rbnwc-info-page-promo HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-c566f214-6208-444a-8174-85e418fcfe2b
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 16:01:01 GMT
cf-cache-status: HIT
age: 9
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75b5c16b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_default.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 13:43:14 GMT
etag: W/"636bae72-f1a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d896ab4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_cartasi.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-2466"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d763089bb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_ecopayz.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-1771"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d76419ddb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611337887_bel.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"a8e60e6d6ba2b86740fd5e9a8d5b2bd9"
last-modified: Wed, 16 Nov 2022 15:08:57 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D3008C185
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7643e1bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_interac.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Wed, 06 Jul 2022 14:21:26 GMT
etag: W/"62c59a66-32bc"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d763f9bbb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611759307_mx.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"78a506ed9f0592c91389bc71e183eb81"
last-modified: Wed, 16 Nov 2022 15:15:59 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C496AE07C1C
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7643e19b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057 HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
last-modified: Wed, 23 Nov 2022 08:21:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sat, 26 Nov 2022 20:01:10 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7703d7552c24b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611673222_cr.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"d70b83d15bec9f4ee6e32f5a16c23320"
last-modified: Wed, 16 Nov 2022 15:14:33 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30A0BE75
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec7ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/api/v2/icon/list?category=landing-licenses&count=100 HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-1d5b1a56-da1f-41cf-93f3-eaadaf755d72
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 15:43:25 GMT
cf-cache-status: HIT
age: 461
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75b7c33b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611119507_uy.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"8009c4f010b949c65e70b06b2989c09e"
last-modified: Wed, 16 Nov 2022 15:05:19 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D3377B439
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec81b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611711325_au.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"1a50ab86dddf696e092e652181571d7e"
last-modified: Wed, 16 Nov 2022 15:15:11 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30EE96FA
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7630ca6b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611815388_dk.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"2c078b26e453e344b02d028fcbd4a629"
last-modified: Wed, 16 Nov 2022 15:16:55 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D3071F2F5
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7630ca8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611653436_de.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"b5aa958e4ae9e8029a1e03c19514f5bf"
last-modified: Wed, 16 Nov 2022 15:14:13 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D32F8C98D
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7643e1cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_ethereum.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:11 GMT
etag: W/"60102d13-14ee"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7643a17b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668601370505_arg.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"65b662ea0607d3781ba130ca56463d51"
last-modified: Wed, 16 Nov 2022 12:22:50 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1728169B1F6F2740
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 867380
server: cloudflare
cf-ray: 7703d762ec77b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-3_active.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 13:43:19 GMT
etag: W/"636bae77-f1c"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d8971b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668613878666_cr.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"3eea5c265f7628a6b13c509adf4a1fa1"
last-modified: Wed, 16 Nov 2022 15:51:18 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D331F67DD
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec8ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_mastercard.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:11 GMT
etag: W/"60102d13-1b34"
access-control-allow-origin: *
cf-cache-status: HIT
age: 847995
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d762f88ab4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668610639901_us.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"f9dcba64e77b89ca58c716938ffc16a1"
last-modified: Wed, 16 Nov 2022 14:57:19 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30EA38F7
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762fc9ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_jeton.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Thu, 02 Dec 2021 12:30:12 GMT
etag: W/"61a8bc54-154d"
access-control-allow-origin: *
cf-cache-status: HIT
age: 847995
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7646a5cb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611012743_rs.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"b0d2957d29d1bd475b5c28aa5680d14b"
last-modified: Wed, 16 Nov 2022 15:03:32 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D3023C03B
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec7db527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/rabona/web_components/steps/world-cup/wcstep_icon-2_active.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Wed, 09 Nov 2022 13:43:19 GMT
etag: W/"636bae77-a61"
access-control-allow-origin: *
cf-cache-status: HIT
age: 703837
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d75d694bb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611881437_jp.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"07f5419b045afa9c776cf8431469c972"
last-modified: Wed, 16 Nov 2022 15:18:01 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30F42CCD
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec89b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/wales.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"d2c365be887ee592c10229e3cef43eff"
last-modified: Mon, 23 Aug 2021 17:59:40 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1701232DEA64AFEF
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 1063281
server: cloudflare
cf-ray: 7703d762fc92b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_mifinity.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:11 GMT
etag: W/"60102d13-2163"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7644a26b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611744819_pl.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"4beb1bf287261c3d403f083895eb2436"
last-modified: Wed, 16 Nov 2022 15:15:44 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C496E147CAF
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7630cafb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611031408_br.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"cec2e1e57c4c996b857c65bef3df0b6a"
last-modified: Wed, 16 Nov 2022 15:03:51 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30208D22
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec7eb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto+Condensed:400,400i,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 16:01:10 GMT
date: Sat, 26 Nov 2022 16:01:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/api/v2/icon/list?category=footer-payments&count=100 HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sat, 26 Nov 2022 16:01:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-expose-headers: X-Device-Type,X-Device-Name
request-id: feapi-d9f87325-cde0-4732-ab2d-b02eb5a6e266
x-device-name: Other
x-device-type: desktop
x-xss-protection: 1; mode=block
x-cache-status: MISS
last-modified: Sat, 26 Nov 2022 15:40:55 GMT
cf-cache-status: HIT
age: 593
expires: Sat, 26 Nov 2022 20:01:10 GMT
server: cloudflare
cf-ray: 7703d75b6c2fb527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611102820_kr.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"151ff3dff78959bdf5d319d1ccce20f5"
last-modified: Wed, 16 Nov 2022 15:05:02 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D30F6F337
x-xss-protection: 1; mode=block
x-conv-cache-status: MISS
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762ec82b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: rbnwc.lpmediastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/no/?btag=658915_C57C18B4B0FA47C1B5C21CE76F4A4F60&clickid=w4g2d23s5gc9egoki37sivek&MSID=1360468&BID=9057
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.36.105
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Sat, 26 Nov 2022 16:01:11 GMT
last-modified: Thu, 10 Nov 2022 10:46:09 GMT
etag: W/"636cd671-3a6"
cf-cache-status: HIT
age: 512
expires: Sat, 26 Nov 2022 20:01:11 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d76059adb527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/france.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"2f9befe94ef9076d58b0a2ae38e1a025"
last-modified: Mon, 23 Aug 2021 17:59:39 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17011B8BDC34D822
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 933280
server: cloudflare
cf-ray: 7703d762fc9eb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668611849022_sa.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"edd99f9074e52aaa9e704672d6a38a54"
last-modified: Wed, 16 Nov 2022 15:17:29 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C496A7F063B
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d7630cb0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_neosurf.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-db1"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d76429f9b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 16:01:10 GMT
date: Sat, 26 Nov 2022 16:01:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1653981614751_flagofqatar-1.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"5bb5a068449de059e23908479a70ef42"
last-modified: Tue, 31 May 2022 07:20:14 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1701B83DF15CB85F
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 938485
server: cloudflare
cf-ray: 7703d762fc8eb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1653981171283_1280pxflagofiran-1.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"4d4609d3ab43f2c54c689a5937df05e2"
last-modified: Tue, 31 May 2022 07:12:51 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1701B83DF17555A5
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: HIT
cf-cache-status: HIT
age: 1063281
server: cloudflare
cf-ray: 7703d762fc97b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1633594561146_ecuador2.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"94317befb597bfc7cbe5a664dbe34afd"
last-modified: Thu, 07 Oct 2021 08:16:01 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 1700F12C6910986D
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: MISS
cf-cache-status: HIT
age: 1387627
server: cloudflare
cf-ray: 7703d762ec8bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dimg/team/1668613854808_eng.svg HTTP/1.1 
Host: rabona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.8.106.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
content-security-policy: block-all-mixed-content
etag: W/"88faab9969508f016f86cbbc328dbce7"
last-modified: Wed, 16 Nov 2022 15:50:54 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17281C4D303758E3
x-xss-protection: 1; mode=block
x-conv-cache-status: HIT
x-front-cache-status: MISS
cf-cache-status: HIT
age: 862791
server: cloudflare
cf-ray: 7703d762fc96b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_footer_neteller.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Tue, 26 Jan 2021 14:54:16 GMT
etag: W/"60102d18-af8"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7643a10b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /content-svg/payments-footer/rabona/paymsystem_bitcoin.svg HTTP/1.1 
Host: joxi.imgsrcdata.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbnwc.lpmediastorage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.151.45
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 26 Nov 2022 16:01:12 GMT
last-modified: Wed, 16 Jun 2021 09:33:13 GMT
etag: W/"60c9c559-2085"
access-control-allow-origin: *
cf-cache-status: HIT
age: 957079
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703d7643a15b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---