4d4a6.xq.wy5532.com/
37.48.65.149200 OK 480 B IP 37.48.65.149:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480), with no line terminators
Hash 57c960060e0c6eb8ea658bf4d75cdef4
556f21009020f3538b38a6527a7f43fd48ff09d8
c585c6a217fa453d8bf920263971e99ed4c0901131e5ded4cbea69b82fc62420
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 4d4a6.xq.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 480
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 12:52:36 GMT
server: nginx
set-cookie: sid=4dc1f080-a22f-11ed-a3e9-0fc326287266; path=/; domain=.wy5532.com; expires=Mon, 19 Feb 2091 16:06:44 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19454
Expires: Wed, 01 Feb 2023 18:16:51 GMT
Date: Wed, 01 Feb 2023 12:52:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5907
Expires: Wed, 01 Feb 2023 14:31:04 GMT
Date: Wed, 01 Feb 2023 12:52:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 12:43:25 GMT
content-type: application/json
age: 552
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Wed, 01 Feb 2023 14:30:02 GMT
Date: Wed, 01 Feb 2023 12:52:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ORyc0e23Ga/XDRDQ3FmmCE2IDB2ethR6Qsus4wZbkyPHf/s4MckEEMurZkc+JrEgS1PATSMtZY0=
x-amz-request-id: F5JW9MPYW57BKMZW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 12:51:34 GMT
age: 63
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 12:52:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
4d4a6.xq.wy5532.com/favicon.ico
37.48.65.149404 Not Found 9 B URL HTTP/1.1 4d4a6.xq.wy5532.com/favicon.ico
IP 37.48.65.149:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: 4d4a6.xq.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4d4a6.xq.wy5532.com/
Cookie: sid=4dc1f080-a22f-11ed-a3e9-0fc326287266
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Wed, 01 Feb 2023 12:52:37 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 12:49:05 GMT
age: 212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
4d4a6.xq.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI2MzE1NywiaWF0IjoxNjc1MjU1OTU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZyOHFtMW5xdjRpMXYybzgxczAzbWUiLCJuYmYiOjE2NzUyNTU5NTcsInRzIjoxNjc1MjU1OTU3MDE1MDY3fQ.p2BdCWzms9R_VnNHoRxM3fAYnpive_vqiFN78Ii0UBk&sid=4dc1f080-a22f-11ed-a3e9-0fc326287266
37.48.65.149302 Found 11 B URL HTTP/1.1 4d4a6.xq.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI2MzE1NywiaWF0IjoxNjc1MjU1OTU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZyOHFtMW5xdjRpMXYybzgxczAzbWUiLCJuYmYiOjE2NzUyNTU5NTcsInRzIjoxNjc1MjU1OTU3MDE1MDY3fQ.p2BdCWzms9R_VnNHoRxM3fAYnpive_vqiFN78Ii0UBk&sid=4dc1f080-a22f-11ed-a3e9-0fc326287266
IP 37.48.65.149:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI2MzE1NywiaWF0IjoxNjc1MjU1OTU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZyOHFtMW5xdjRpMXYybzgxczAzbWUiLCJuYmYiOjE2NzUyNTU5NTcsInRzIjoxNjc1MjU1OTU3MDE1MDY3fQ.p2BdCWzms9R_VnNHoRxM3fAYnpive_vqiFN78Ii0UBk&sid=4dc1f080-a22f-11ed-a3e9-0fc326287266 HTTP/1.1
Host: 4d4a6.xq.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4d4a6.xq.wy5532.com/
Cookie: sid=4dc1f080-a22f-11ed-a3e9-0fc326287266
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 01 Feb 2023 12:52:37 GMT
location: http://click-v4.celxkpdir.com/click?i=hITFZkIz49g_0
server: nginx
set-cookie: sid=4dc1f080-a22f-11ed-a3e9-0fc326287266; path=/; domain=.wy5532.com; expires=Mon, 19 Feb 2091 16:06:45 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16394
Expires: Wed, 01 Feb 2023 17:25:52 GMT
Date: Wed, 01 Feb 2023 12:52:38 GMT
Connection: keep-alive
click-v4.celxkpdir.com/click?i=hITFZkIz49g_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.celxkpdir.com/click?i=hITFZkIz49g_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=hITFZkIz49g_0 HTTP/1.1
Host: click-v4.celxkpdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://feed.us.adrunnr.com/11/?id=4e136569-a22f-11ed-951b-a52f3726e3b9
Pragma: no-cache
push.services.mozilla.com/
54.202.152.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bKnTxZigwj9Wwyw10ciZFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K9yu45cWutspiHPxMSD59f2PnoY=
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2376ec8111a6dd1aee996d5316b48014
9cdd25a16a9475c88c075433eed418c37945324e
b9a00d8179ee89aa8045f8a09859618879038ba5a459217a8c883cd30a8ed733
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91781
Date: Wed, 01 Feb 2023 12:52:38 GMT
Etag: "63d90fa4-1d7"
Expires: Thu, 02 Feb 2023 14:22:19 GMT
Last-Modified: Tue, 31 Jan 2023 12:55:00 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BU-qcqhPAZXE_oRsU9NJ__2Q6Xc2qqwB68HkXv2qYBb2ayuRbWt-mQ==
Age: 5239
feed.us.adrunnr.com/11/?id=4e136569-a22f-11ed-951b-a52f3726e3b9
52.206.44.96307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/11/?id=4e136569-a22f-11ed-951b-a52f3726e3b9
IP 52.206.44.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11/?id=4e136569-a22f-11ed-951b-a52f3726e3b9 HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 01 Feb 2023 12:52:38 GMT
content-length: 0
location: https://trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=6010c8be&cost=0.0007&browser=Firefox&carrier=&cid=4e136565-a22f-11ed-951b-2f49af90071b
set-cookie: __sess=4ecdb51e-a22f-11ed-951b-a52f3726e3b9; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=6010c8be&cost=0.0007&browser=Firefox&carrier=&cid=4e136565-a22f-11ed-951b-2f49af90071b
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=6010c8be&cost=0.0007&browser=Firefox&carrier=&cid=4e136565-a22f-11ed-951b-2f49af90071b
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=6010c8be&cost=0.0007&browser=Firefox&carrier=&cid=4e136565-a22f-11ed-951b-2f49af90071b HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 12:52:39 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w7npulfjhmk5ckami27vdf2s
pragma: no-cache
set-cookie: bc98edd7-1543-43f7-b2f0-6108fbb348b2-v4=cze5YWtdfGEx4gg51mLBtNRpnzrwsq-VchVg18-KkBA; Max-Age=86400; Expires=Thu, 02-Feb-2023 12:52:39 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=QV7FKhDAdOu1vD%2BzYiuJGIXR8wvcjslDHF3FruSqKT2%2BEA3RwYJ0mhT%2BnqjRcHflYMZKLxTKqhD6nXZSO5zS0xG2e7mUzraAkEskSNnZCntWN6izkmcowxCxbcweS%2FbLY3UXMF1m9V9btYqdfRL%2FvA%3D%3D; Max-Age=31536000; Expires=Thu, 01-Feb-2024 12:52:39 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3c0cc46599deb0b4fd6410b80661ccb0
0f4fac01713575a494f90b1a95f81ceaa994a715
ce770882d6da6cc39171ad5648f4755cbe1ea13e0ce4f4e4e6abd07ff6079bea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:39 GMT
Last-Modified: Wed, 01 Feb 2023 12:36:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 64213e16e8d5b9aa34dbd6fe56f33429
50dd32df3c82a053ce1ba8cd4f8e41012b150ddf
19105c18b6d189db53e1b259d93b3d1782c9bd84434467c6c77006a1d6e31925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5773
Cache-Control: max-age=168643
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:39 GMT
Etag: "63da39cd-117"
Expires: Fri, 03 Feb 2023 11:43:22 GMT
Last-Modified: Wed, 01 Feb 2023 10:07:09 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 12:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 12:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 12:52:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 85024
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 54620
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 37361
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 54583
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2caf8f791d29d1c03e383b08fe71b042
91254d0b2c68291701ba967f71e5319c8edd1d0a
354892b28eda2bcf225909a8f92b6ddb5be5d47c43445ae4243a59c80e10ef9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 6c502e4a-ac64-48cc-8210-59225f5e9947
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetOH7PoAMFynA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-539f36af56fde05121a0179a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Doj1fDH3h-Nvtuw3BLgKgDzxStiR2jqWLrggw_3Z5bJCmJ7FUuSkpA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:28:18 GMT
age: 44661
etag: "91254d0b2c68291701ba967f71e5319c8edd1d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fr2OB2bcdPtbbHXp2z2l7duVX--MbbazfFJAh_V7qqUMMFEme5bRpw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 06:46:49 GMT
age: 21950
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
104.18.21.91200 OK 1.1 kB URL HTTP/2 insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e97b23e842d4df6dfdd7fb049a87a26f
083cda549ea555b23a7b7aee461c0bc6a13070c0
d96df1d19452dbc92d39e276455f2f226b70daa7ca9ab52796be1247d677a689
GET /gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 1100
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5909
content-disposition: inline; filename="Rizk_avatar.webp"
etag: "5a37c146-1715"
expires: Mon, 13 Mar 2023 20:31:14 GMT
last-modified: Mon, 18 Dec 2017 13:23:18 GMT
vary: Accept
cf-cache-status: HIT
age: 1180950
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3547ba80b69-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.21.91200 OK 212 kB URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1914)
Size 212 kB (212265 bytes)
Hash 3af76f4086ba3c8a90d13f8abb2641f0
f43b64deacb6267b42836e0c0a2fc088b9d7b7a7
2c62092a27cf850e3a5d9e0a2aabeb10af17306ecc91aea5b382eadb0aaa3a77
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-cdb"
expires: Tue, 17 Jan 2023 07:13:49 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5147903
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3544b8c0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.21.91200 OK 94 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1498)
Hash ba59e9f644cecc2b6fe86bbbb159f608
ca399313927f387cbe4625d8b969b6a9d6e38f8c
3603eea3ebc4a0794fd0c226f12b84c77f3a1d532e4b94754c0374acb0c52bd2
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-5db"
expires: Tue, 17 Jan 2023 07:13:47 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5150182
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3544b8b0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
104.18.21.91200 OK 130 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 130425
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138146, status=webp_bigger
etag: "5ce50804-21ba2"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Wed, 22 May 2019 08:27:48 GMT
cf-cache-status: HIT
age: 2747063
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3547ba70b69-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1ff74aab442f09fcaad69b961f34050b
dce6b1606d9f84c107dda78b54575db0abc2f58f
c52c37fd5e4c15f34a0aec3c57639ca95e1914937858d2d6fbff16530ae0cedb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1396
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:39 GMT
Last-Modified: Wed, 01 Feb 2023 12:29:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
104.18.21.91200 OK 279 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 279 kB (278858 bytes)
Hash e9e7535c065a438e4407b2d809511c54
c2c73ee585d77fa4e7e98072073c82e6a3a8199e
f5d32d6e179b67997a72382818a95893217a5d8414679cac7e57f5976c568691
GET /no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 278858
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=322951
content-disposition: inline; filename="Insider-and-Email-1080x450.webp"
etag: "59524281-4ed87"
expires: Mon, 30 Jan 2023 10:33:34 GMT
last-modified: Tue, 27 Jun 2017 11:33:21 GMT
vary: Accept
cf-cache-status: HIT
age: 4385673
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3548bb40b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.21.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Mon, 27 Feb 2023 05:37:30 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 2660910
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3549bcd0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
104.18.21.91200 OK 76 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e84e09b2755a7cb78cb96550af24897d
b684e3e4c1fce86f6e4a7f72780343d165cb4760
6ae096074523a6cb45488636c636733c10e35c0e0a27eca9b9d76155068e840b
GET /no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 76412
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=164109
content-disposition: inline; filename="rizk-casino-mobile.webp"
etag: "568c79fd-2810d"
expires: Sat, 14 Jan 2023 20:04:05 GMT
last-modified: Wed, 06 Jan 2016 02:20:45 GMT
vary: Accept
cf-cache-status: HIT
age: 3870959
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3549bd00b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.21.91200 OK 174 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 174 kB (174360 bytes)
Hash 723b5a7e7cec506c95f571606f1b6de2
3444eeb2f4b3fea6d959b6a3eea42ee8e783862f
ecbfd5956d791f388ac85fe3411f9cb3ef982bbb3d4b1ad305928b194fc55ece
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 4123529
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3548bbd0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.21.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Sun, 15 Jan 2023 17:19:41 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 4385672
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3549bcb0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.21.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 2747104
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3547ba90b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.21.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 1311949
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3548bb30b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104.18.21.91200 OK 104 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 104549
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110109, status=webp_bigger
etag: "62b46fa1-1ae1d"
expires: Mon, 13 Feb 2023 21:05:53 GMT
last-modified: Thu, 23 Jun 2022 13:50:25 GMT
cf-cache-status: HIT
age: 3710701
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354abe60b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.21.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Mon, 20 Feb 2023 20:17:59 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 1180949
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354abec0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
104.18.21.91200 OK 123 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 123 kB (123132 bytes)
Hash 341d6a23c5e812aeaf495248004ab7fc
4168e2e4296aa381667ff9c7dd811a63cb67cb6a
b381902f5d9b1b4fe648915947a9ac9432b06457926a35d27a1a1d733483621b
GET /no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 123132
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128662, status=webp_bigger
etag: "63120677-1f696"
expires: Sun, 01 Jan 2023 22:48:55 GMT
last-modified: Fri, 02 Sep 2022 13:34:47 GMT
cf-cache-status: HIT
age: 2761226
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354abed0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.21.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Mon, 13 Feb 2023 21:05:54 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 1311946
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354fc2c0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
104.18.21.91200 OK 236 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 236 kB (236534 bytes)
Hash fe1f908a1ea3ad74d7580a4bb10732cc
e563c2ad2593b1fd0ab914c6c06686efc9bd4a72
16e4a3f6178cbac41c7010999daf2c62184fa06a7c02605cdaa75ea6cbfd74f0
GET /no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 236534
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=247916, status=webp_bigger
etag: "59e9e8f9-3c86c"
expires: Mon, 27 Feb 2023 05:37:29 GMT
last-modified: Fri, 20 Oct 2017 12:15:53 GMT
cf-cache-status: HIT
age: 2747104
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3548bb60b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.21.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Mon, 13 Mar 2023 04:37:11 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 1311946
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3549bc80b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-Wild-Wednesday-Cashback-Promo-NO-1030x580.jpg
104.18.21.91200 OK 173 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-Wild-Wednesday-Cashback-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 173 kB (173053 bytes)
Hash 1b4dcceb8d7f7d550a923cbdc7aff2a8
5d7aba8e7a8a1406be5aee45d57babe331d95aa9
cb4c7c096ebb649b506aaa31bc394d35d6ee2571eccb7d3a734b4fe10d88ec8d
GET /no/wp-content/uploads/sites/5/2023/01/RZ-Wild-Wednesday-Cashback-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 173053
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=182025, status=webp_bigger
etag: "63d25344-2c709"
expires: Sat, 01 Apr 2023 16:06:15 GMT
last-modified: Thu, 26 Jan 2023 10:17:40 GMT
cf-cache-status: HIT
age: 74784
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3549bd10b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
104.18.21.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178130 bytes)
Hash ea632bbffee05d4ab2c11c1bd0cf156c
1b9b16716f21ed62d448bb5fabdcfe6870510654
8df9b085cc67bb8a10e9de2a1c2cc2dcee36f2c6539a4b2a0b401de9160c7f04
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 178130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=186454, status=webp_bigger
etag: "63cead1e-2d856"
expires: Sat, 25 Mar 2023 15:27:38 GMT
last-modified: Mon, 23 Jan 2023 15:51:58 GMT
cf-cache-status: HIT
age: 681901
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354abe80b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
104.18.21.91200 OK 150 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 150 kB (149799 bytes)
Hash 9ebb7e0f0f489d3d8a3745f8febb5b15
ea1c8f36a0edf023eb6d39817b7df092f9f54763
dd1b3a8795857591e492cd5510da49c929e3e0e3ae5168b391a00628867f7cff
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 149799
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=155887, status=webp_bigger
etag: "620227ed-260ef"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Tue, 08 Feb 2022 08:21:01 GMT
cf-cache-status: HIT
age: 1311946
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354cc0d0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
104.18.21.91200 OK 202 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 202 kB (201797 bytes)
Hash 6b236304b4d875c745e572e9fbda254e
c584e908e55b7caa2135ebf25022804e7d1ef0db
e9dbf688fabc7b3452affa6d60690e2ac75536299300fbf5cdd5944e55bf16cb
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 201797
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=211099, status=webp_bigger
etag: "63c80b0e-3389b"
expires: Fri, 24 Mar 2023 09:03:35 GMT
last-modified: Wed, 18 Jan 2023 15:06:54 GMT
cf-cache-status: HIT
age: 791344
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354abea0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
104.18.21.91200 OK 194 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 194 kB (194157 bytes)
Hash 1cca37417fe863df82c0319381e01e1f
f8b0a8aab239568c0db450be1d6d7b445529e436
694d7c5a7ba696111b5c0db984c9f9121b97c2a1a4f37520bcd6a597252dacd7
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/jpeg
content-length: 194157
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203250, status=webp_bigger
etag: "6202912a-319f2"
expires: Thu, 16 Feb 2023 17:29:48 GMT
last-modified: Tue, 08 Feb 2022 15:50:02 GMT
cf-cache-status: HIT
age: 2747111
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad354cc0f0b69-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.21.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Mon, 02 Jan 2023 08:52:09 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 5139742
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ddcf0b69-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 8.4 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (25592)
Hash e248bb3ed9070ee48f0b5bc674e6a49d
46a6ac373399405df390e910c580cf850dce9886
74fd866eaf62b63cec2b85eadf2245e9302107f4c8fabc25f9c3e5cd49f40a6b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript
content-length: 8384
content-encoding: gzip
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
last-modified: Mon, 30 Jan 2023 20:36:09 GMT
etag: 0x8DB03019EC57C05
x-ms-request-id: 8bd5a73a-801e-0125-0408-350600000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65652
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad356de99b4f7-OSL
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.186200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Wed, 01 Feb 2023 12:52:40 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1101175
expires: Mon, 22 Jan 2024 12:52:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhoQjKAW%2BzEO%2FCrFZ8dy8Td6wwoarLVlZFJuVgox%2BT3eDwppGd8K9akbr1dt5gGOEbv9DKGj0anVBwSq%2FPGOsWwTF1kAXBgM%2Bb7z%2F53jUsaOPIk7FXmrybnmgubRFCkWgkpyHpQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792ad3572f4dfac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash 77ee853d54976f653eae7f9bf3756b81
14479919cb6c4795e9681b0116d9b45878e59a27
a3824d6f1e6f3aaa29342418aa60106500897804becaa0305d29e6328c4fe999
GET /af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "4d3b0c26b9e19a72e0c7ed499882c33f6eb1f980"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: sOQQtBZBGW4grpdJZkhuDA==, MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.16200 OK 79 kB URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.16:0
Hash ab51e5f057a0287ce3e32443c631a0c6
ae8f48900e9a0183c8cfc6e049e63b3837fee07d
76ed93377534b133f48d54218dafc5fedceb0f2c03a4fb3a58b9dec4db1f699b
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 12:52:40 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YR6lieNSqI5rylee9yXMHWdW79RTbZvBFM8l238zu6_O_igcZWZGsw==
age: 7
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27036, version 1.0\012- data
Hash 4b420ce7adfa2d14176827c218589866
c1207ab86cedc1b975be5c32b9d4f795facf1c86
02e354581457b68fd0f38d82f91fc66da60f461348815a478ee777b8e59317f6
GET /af/7f7817/00000000000000003b9b3879/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27036
etag: "aeb323a44d7429e94b480beeda936a742b20393f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 25 kB URL HTTP/2 use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24944, version 1.0\012- data
Hash 4db1a622a8ec326f0b65e39dd2147c3c
6f554080b360e101d1c4c0872559a5770620eb99
125ac250cf3b6bf24697c353ee5db63ffd8eecef03ddf43ed1ade4450ae5d11e
GET /af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24944
etag: "b1fff3be18990092dac37cd165ff020dcdec4dcd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 120 kB URL HTTP/2 use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 119904, version 1.0\012- data
Size 120 kB (119904 bytes)
Hash 28a88f4e70f45eb49c96d18da7f44869
3c707b6df2c0d8fdb324bb1883e1890a38644622
a998f1a4c9e921275caf71058390cf6cc33268c25c12ce3d9ccab137bb67f591
GET /af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 119904
etag: "9cf7b880c940e69005d99d254f5c957320db9920"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/images/04532da6-menu-icons-s.png
104.18.21.91200 OK 6.1 kB URL HTTP/2 rizk.com/assets/images/04532da6-menu-icons-s.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42207df0d63f162c0e4628718aa606e1
f692963891ed031073bdcb796b9a7d8e67e454ea
d3ecbd89b841f3c0873ea22ffb3fc87b270ac5176cb2abc734874cf6441adba4
GET /assets/images/04532da6-menu-icons-s.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 6130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11277
content-disposition: inline; filename="04532da6-menu-icons-s.webp"
etag: "637614c1-2c0d"
expires: Sat, 21 Jan 2023 21:30:52 GMT
last-modified: Thu, 17 Nov 2022 11:02:25 GMT
vary: Accept
cf-cache-status: HIT
age: 4461278
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d0be40b69-OSL
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1675255959
104.18.21.91200 OK 192 kB URL HTTP/2 rizk.com/assets/css/base.css?1675255959
IP 104.18.21.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 192 kB (192293 bytes)
Hash efdabf209c915bfdf9282b06f5947759
6801da64db29af9b0b13f3b79bbd4f070ecb6f8f
67c335153f6c45fe02c8a230f603b440a48e4947a04ca81ec53fa631bcab7166
GET /assets/css/base.css?1675255959 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 12:38:44 GMT
etag: W/"63d27454-5026a"
cf-cache-status: HIT
age: 0
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3543b7d0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/flag-is.png
104.18.21.91200 OK 142 B URL HTTP/2 rizk.com/assets/img/flags/flag-is.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6d73273e182c35e4f0afd10e5409b46e
0d5a7ec0c80536576e3cfb14092dc96804771aef
d972ebf138951eb06a75652b04a37d1e00e588a620b215af0073ee258b360f8b
GET /assets/img/flags/flag-is.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 142
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=776
content-disposition: inline; filename="flag-is.webp"
etag: "63b6a805-308"
expires: Tue, 07 Mar 2023 21:06:33 GMT
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1888976
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d1bec0b69-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 140860, version 1.0\012- data
Size 141 kB (140860 bytes)
Hash 6bfaf65a2c550ba5bfe4af17a108b036
f580547cca47791a9bc16d97d3b1a6d9ba7ff1ee
d872a3dcfd2d278eee0ed07ce8ceecff0c5ee30cef33aa92a1224bda28888dec
GET /af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 140860
etag: "bf19a0104a0de96dfd0edb2276eadec4d02bf248"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos-colors8.png
104.18.21.91200 OK 59 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos-colors8.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe6a3d9473736b893ae03740c16c3028
a5e1f8814aa259b908c7fb8cb78b8fe95f5f5b87
053d5dc7fa0a82552a93b9a4de1be785a3a498efbb1064f0cf91522630870a5c
GET /assets/img/footer/footer-logos-colors8.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 59014
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=92815
content-disposition: inline; filename="footer-logos-colors8.webp"
etag: "63d27455-16a8f"
expires: Mon, 27 Mar 2023 12:40:09 GMT
last-modified: Thu, 26 Jan 2023 12:38:45 GMT
vary: Accept
cf-cache-status: HIT
age: 519141
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d1bf40b69-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 141220, version 1.0\012- data
Size 141 kB (141220 bytes)
Hash 9f122ab64b701b87597137ad1fa662b4
c4fee49ffd9edf8123742b60f0aa0a905f2e96b9
e1506e1413472be6886a35777303ede29d4a113f2dbc71af9806395e47de87e7
GET /af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 141220
etag: "9c467641a743d4e8fda4fd28f2eebdc227275260"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.21.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbf69efd1161ae68af7c62a9ed5aedda
e52470c459f19223c367a6b8f0139b6869babb97
027c3e30e700f7cadb699b50f16e55638f0c5b8e80a6bcd47b4f44924d808868
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "6388832c-4191"
expires: Tue, 31 Jan 2023 05:59:27 GMT
last-modified: Thu, 01 Dec 2022 10:34:20 GMT
vary: Accept
cf-cache-status: HIT
age: 4825041
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d1beb0b69-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/ecogra.png
104.18.21.91200 OK 28 kB URL HTTP/2 rizk.com/assets/img/footer/ecogra.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30ffda9881d8c1c2ccb46ff7b2ea50af
e19a29ba3abddb9beff5b09ef264ca81e9b41290
a972cf53714ef5e43e6bda7b67348f3680f9d3810841ac63a061a91ae2430b8d
GET /assets/img/footer/ecogra.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 27890
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=80752
content-disposition: inline; filename="ecogra.webp"
etag: "63bfd1ff-13b70"
expires: Mon, 13 Mar 2023 17:26:51 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 1711133
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d2c030b69-OSL
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.125.175302 Found 26 kB URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.125.175:0
Hash a097b878b0bf99f49e78369f35e8cecd
442d577afed44fc203ec6711bb8e826482777859
380274ada304b11021c84479f019fc34cacd501696b63ecd76a5ca4c6d7cb88d
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GR6G7HRAB34SCK2XM7MVR8H1-fra
cf-cache-status: HIT
age: 363
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad3545995b4ee-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.21.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f88b0da0473fbd507dcd1a759533af
36133c385d1c171958c5a5fc60ef1f5d12237e30
b75061abacce30de1bddabb464f7ca044dba230382cd1323f59079c8d0cdc260
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 30078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "639b02c9-f64c"
expires: Mon, 13 Feb 2023 19:41:30 GMT
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
vary: Accept
cf-cache-status: HIT
age: 3871252
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d3c0f0b69-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26656, version 1.0\012- data
Hash 843379cf54b236ae4934db29570421f7
1ecfe53a9b021d8cfbdedd77b995a7f6f13f32b6
46f2ac0d9703243c85b6ad1b9f8ce05ce5a2a9d7adaf550fbfa061ecbf093e53
GET /af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26656
etag: "de5daa0372d6be1d2b0ba0e28b1c2c00515f2fce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Wed, 01 Feb 2023 12:52:41 GMT
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.21.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.21.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 20 Oct 2022 08:06:56 GMT
etag: "635101a0-1c60"
expires: Tue, 20 Dec 2022 05:33:18 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5149803
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d7c630b69-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/android-icon-192x192.png
104.18.21.91200 OK 3.1 kB URL HTTP/2 rizk.com/assets/img/favicon/android-icon-192x192.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314c2b722ec91013441562d73c4d8fb3
f7dbb17a8708cb7801ae1e4d449389ec10e7dc81
baced404c8a57e0d0d4f17d00a2850352b98e90a343681b1fea15f263385c82a
GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 3082
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4135
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "63c9889b-1027"
expires: Mon, 20 Mar 2023 22:54:10 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 484781
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35e0cd80b69-OSL
X-Firefox-Spdy: h2
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
54.230.245.9200 OK 27 kB URL HTTP/1.1 d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
IP 54.230.245.9:0
File type ASCII text, with very long lines (32806)
Hash fa979f12aafaca9dfc3c01fdb35f2c8a
b2e14da49f38a08294f14376d61dc9b011727f6b
88f23962aff99d99d3d6603b7cc1e6bea1bc37b56c49f1db68f62b19a51f15f5
GET /integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js HTTP/1.1
Host: d2yyd1h5u9mauk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 01 Feb 2023 12:51:28 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=120, public
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Request-Id: 4d4438d1282b32ed36d5c94a61f4463b
X-Runtime: 0.041043
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CTGaoQYkWSDr83HuarfAqiloubOw3y9lH5XpOPuOKrS4XfVNxLsOFA==
Age: 73
rizk.com/assets/img/favicon/favicon-16x16.png
104.18.21.91200 OK 352 B URL HTTP/2 rizk.com/assets/img/favicon/favicon-16x16.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a53aaffe9a3246411deb3361d57d32
1d5249c888910c27a6125c0d92dd60d2377738c0
9ca4b1fb97777d6c5b3fbe165f2734e3b38525d586828c526ad7bfa91bab2238
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/webp
content-length: 352
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=571
content-disposition: inline; filename="favicon-16x16.webp"
etag: "63c9889b-23b"
expires: Mon, 27 Mar 2023 06:07:09 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 483317
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35e1ce80b69-OSL
X-Firefox-Spdy: h2
rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
104.18.21.91301 Moved Permanently 531 B URL HTTP/2 rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
IP 104.18.21.91:0
Hash 0e44dfb440616e545611e6c6047ad114
998ad9e310e9b6310a88c8a24ca29c8501104555
48f0a4a8f482b44943d2770ee8d36f54cd8a38495784fd9641c7b3d4f032face
GET /no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: text/html; charset=UTF-8
location: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; path=/; secure; HttpOnly
btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; expires=Wed, 15-Feb-2023 12:52:39 GMT; Max-Age=1209600; path=/; secure
Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; expires=Fri, 03-Mar-2023 12:52:39 GMT; Max-Age=2592000; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35219790b69-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 045de77c25553cc3c7bcafa7f7c8419f
a073bbbfd3ffa062948db22a42c7f6bcd3bc082d
a756edf2fee4d6b169aab055c2d2f7ea9cc99a248691014aa708e72c32aff3d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5929
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:41 GMT
Last-Modified: Wed, 01 Feb 2023 11:13:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
104.16.148.64200 OK 90 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65455)
Hash 669fc272b6662bb850d92e9cfedf53a7
e573ee887b0ca01445457cc338f510c559a092f4
e77f0bfe908a1ee2181992bad85721333d192528c2a00aac42077549f7d377ba
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: 41a1e322-301e-0173-6402-efee70000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 58545
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad35f9a85b4f7-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e186dce1fd1ccf03fdcee7d14ffa216
03814faf439fe941ef696a02fca0e10ca8e6c0a1
6f0e98fcf2266d560f28288fb755123bd9ad00aa285413cdafb0a9ed09813b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=160774
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:41 GMT
Etag: "63da1ae6-116"
Expires: Fri, 03 Feb 2023 09:32:15 GMT
Last-Modified: Wed, 01 Feb 2023 07:55:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 3.1 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (9097)
Hash 1d4224928316e814e1b1dafd57129c82
00b9d71e25f5fa5839385f1131bacfb1f9339618
734c59eb829c63ec269858c7ca7cf4d51f34364ea9b027e7b8db0b9f9b633237
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 232
expires: Sat, 04 Feb 2023 12:52:41 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 792ad35ffb2ab4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
104.16.148.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
IP 104.16.148.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65222), with no line terminators
Hash 52edc17dd959eec04919e5f8f7366ebd
b0afc9516325109205e3b7a7656c990ac3ce23f7
f101a7d16badd7407e56c6ecdb70a97147abd8e652d9ec80164cb449f225f8d8
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/x-javascript
content-length: 17666
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Uu3BfdlZ7sBJGeX49zZuvQ==
last-modified: Thu, 11 Aug 2022 10:56:24 GMT
etag: 0x8DA7B8822255DC0
x-ms-request-id: a06e6807-601e-0142-288a-adb5a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 37031
expires: Thu, 02 Feb 2023 12:52:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad3602e340b55-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 37888
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad3605e5c0b55-OSL
X-Firefox-Spdy: h2
rizk.com/serviceWorker.js
104.18.21.91200 OK 14 kB URL HTTP/2 rizk.com/serviceWorker.js
IP 104.18.21.91:0
Hash 095c6c574a3ee6d4afbb19070a21a74e
10c1711314b376b09cda330f0c32ca71339687b1
41e8ac7e3e218994c88c71d052e968c02564220fa1134ab79ff0b0219971e12b
GET /serviceWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/OneSignalSDKWorker.js
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:30 GMT
etag: W/"63d27446-4e5"
cf-cache-status: HIT
age: 6194
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35f9e6e0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
104.16.148.64200 OK 4.1 kB URL HTTP/2 cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
IP 104.16.148.64:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 1cfc5cde5e96f35a24f6db0a76981d91
ff1ac1cecf4b1572b174d753534b644b67d917b6
14430bc422f22b9eb5390f563691365fb38ac5878ebebea5e8bdd528ccac96a6
GET /logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/png
content-length: 4135
content-md5: HPxc3l6W81ok9tsKdpgdkQ==
last-modified: Thu, 24 Mar 2022 10:25:14 GMT
etag: 0x8DA0D8095ED2DEE
x-ms-request-id: d61608bc-601e-010d-7b50-7b71bf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 35656
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad360ec35b4f7-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rizk.com/assets/js/mustache.b0b33cad.js
104.18.21.91200 OK 103 kB URL HTTP/2 rizk.com/assets/js/mustache.b0b33cad.js
IP 104.18.21.91:0
File type ASCII text, with very long lines (6027)
Size 103 kB (103391 bytes)
Hash 8f317e8f1b4b1c7f7323143985218df6
e86ba0f22aece35fd2ba8cd58cec9c982ed9ce2e
1cc9875b524083f1d8e5ce52f831dbfaaaf9d1dc28e9a4a8f520b007951b6b90
GET /assets/js/mustache.b0b33cad.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Wed+Feb+01+2023+12%3A53%3A03+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-186c"
cf-cache-status: HIT
age: 3403
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad360bf6c0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c252d8dd92c8a3cc895f2cbb335a5014
aedd6576e0e9a41283f9efde022c4b78bf59984c
da2a3947cf36253d5287fd38fa2956334b829f48eb85b58997a5903de5b35ee8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1578
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 12:26:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 109cc43dcc8f2e31c27a60f009eb74c3
e9cfb0f791e11f6b6b303cf54cd5641dd2b98dde
31a9c59eb07ad609be891b0e96ce0e15599014a98788ac4cf38b89914422490e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31A9C59EB07AD609BE891B0E96CE0E15599014A98788AC4CF38B89914422490E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10929
Expires: Wed, 01 Feb 2023 15:54:51 GMT
Date: Wed, 01 Feb 2023 12:52:42 GMT
Connection: keep-alive
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Wed, 01 Feb 2023 12:52:42 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 02 Feb 2023 11:31:52 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xqBvcKEDw7Qt0KMikzZ3NZVyeSoLhIbbJ9Udytz-aTLawoZwur-c1w==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 109cc43dcc8f2e31c27a60f009eb74c3
e9cfb0f791e11f6b6b303cf54cd5641dd2b98dde
31a9c59eb07ad609be891b0e96ce0e15599014a98788ac4cf38b89914422490e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31A9C59EB07AD609BE891B0E96CE0E15599014A98788AC4CF38B89914422490E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10929
Expires: Wed, 01 Feb 2023 15:54:51 GMT
Date: Wed, 01 Feb 2023 12:52:42 GMT
Connection: keep-alive
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash d2e8fadea66d50de6764cc8815911655
5219f9385a355cddd3cf5893794e2e3c554ead1c
621097f07e85bf9c2eb4b75eea6664762dfc8e3bc3a7f464aa5055295b7cb80d
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: fqJEPgeJDoEEPHg=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37261
x-serial: 1128
x-check-cacheable: YES
x-akamai-pragma-client-ip: 23.36.79.39, 146.247.142.3
date: Wed, 01 Feb 2023 12:52:42 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bfabaed42977089538e4f8a04e2b058a
35f1c862d8d9d97d1cd997021f21ba4a71f59999
8ba3f436fa2c797171704b8c1443d5d399bdfeb0c6dda2ad040499a2074dd776
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92052
Date: Wed, 01 Feb 2023 12:52:42 GMT
Etag: "63d91c4f-1d7"
Expires: Thu, 02 Feb 2023 14:26:54 GMT
Last-Modified: Tue, 31 Jan 2023 13:49:03 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vtf56IErJQG7lcZF84r9gf6NGFuDrVJ60rF6nEmoZWat263XpWJZlQ==
Age: 2271
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5f9249a357bef67738b1fe36ec709148
e3789bbbc311effea659629db4797a43bee22b15
8d27c49331163156397e2751ac909e50bb2881c355b673680da1ba557ff2a6f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:50:05 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
carma-scripts-cf.s3.amazonaws.com/roi.js
52.219.140.154200 OK 3.7 kB URL HTTP/1.1 carma-scripts-cf.s3.amazonaws.com/roi.js
IP 52.219.140.154:0
File type ASCII text, with CRLF line terminators
Hash 04cb6a245b3c82cab89108b117a879e4
7470d1ea561f19a331558ebc901eb3d214dfbea4
061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
GET /roi.js HTTP/1.1
Host: carma-scripts-cf.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mfEONL3x4BJ8eTaCQ++WUpUq+nzo4W/cOWK8T+rliT9BXOjOAW1mDimhHqFOFvGX2CcgKb0JOME=
x-amz-request-id: AE3AVMSY3D82C1RZ
Date: Wed, 01 Feb 2023 12:52:43 GMT
Last-Modified: Mon, 15 Feb 2021 12:30:52 GMT
ETag: "04cb6a245b3c82cab89108b117a879e4"
x-amz-meta-sha256: 061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
x-amz-meta-s3b-last-modified: 20210215T122739Z
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 3737
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: EeWcXnw5b_WQBVyQkN3hrtHVebmMaThQpW2F37a44gAqhmPt6qbVZA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Wed, 01 Feb 2023 12:52:42 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ed6286d916c2c34ccab0f11b62cd611a
7a25a94bf3a4f72a17a34a5f441593d7832c8028
cd5c7d4c5eb55c439e266e5aa89025a07781bb086d0336dfd44de9b9cf27f6ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:14:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f5502806bd8ec64b094a05582d92545
8872e48f430c616566c846dff0331374e4f6b60d
430f18e2a21665d0cb7b0b2eb33ab4721bebf47ac6a94d64b164a1c69d6a83a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5334
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:23:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f5502806bd8ec64b094a05582d92545
8872e48f430c616566c846dff0331374e4f6b60d
430f18e2a21665d0cb7b0b2eb33ab4721bebf47ac6a94d64b164a1c69d6a83a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:11:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f5502806bd8ec64b094a05582d92545
8872e48f430c616566c846dff0331374e4f6b60d
430f18e2a21665d0cb7b0b2eb33ab4721bebf47ac6a94d64b164a1c69d6a83a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5334
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:23:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.2.238302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.2.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 12:52:42 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Wed, 01 Mar 2023 12:52:42 GMT; domain=adform.net; path=/
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rwLFuH76gyBuOOKfMU6fioIQYlVlN4USMSMuK47JehscNYA176w4qg==
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 01 Feb 2023 12:52:42 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=47c0df93-8ca7-4016-8fbe-be6b2eb6362b&u_sclid=a9f79147-2f85-4221-a6b9-ab3e8125efad
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=47c0df93-8ca7-4016-8fbe-be6b2eb6362b&u_sclid=a9f79147-2f85-4221-a6b9-ab3e8125efad
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=47c0df93-8ca7-4016-8fbe-be6b2eb6362b&u_sclid=a9f79147-2f85-4221-a6b9-ab3e8125efad HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 545
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
access-control-allow-origin: https://rizk.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBixUAIAQAwIm85xMyTpQpDN9d8iOibGDHC+ugQeR2qPJqiS1ydIbMlVXDePADeCbUljIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f5502806bd8ec64b094a05582d92545
8872e48f430c616566c846dff0331374e4f6b60d
430f18e2a21665d0cb7b0b2eb33ab4721bebf47ac6a94d64b164a1c69d6a83a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:11:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1u0&_p=1884422301&_gaz=1&cid=366933451.1675255984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675255983&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1u0&_p=1884422301&_gaz=1&cid=366933451.1675255984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675255983&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1u0&_p=1884422301&_gaz=1&cid=366933451.1675255984&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675255983&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dr=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_currency=&up.rizk_language=NO&up.rizk_user_id=logged-out HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Wed, 01 Feb 2023 12:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
23.38.200.189200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 23.38.200.189:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: "60b79de0-23b3"
X-Serial: 327
X-Check-Cacheable: YES
X-Akamai-Pragma-Client-IP: 23.36.79.13, 146.247.142.2
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 3340
Cache-Control: max-age=86402
Expires: Thu, 02 Feb 2023 12:52:44 GMT
Date: Wed, 01 Feb 2023 12:52:42 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 717cf52cfdc9e790ae36f7a4e1d19d16
03b71415f75565d67d059f1046fa363be72245e5
f76f4406c8796751e4b51ecff884ff3b3ea2bff4c60b6a8941d68b31951b4541
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Last-Modified: Wed, 01 Feb 2023 11:22:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 11:46:59 GMT
expires: Wed, 01 Feb 2023 13:46:59 GMT
cache-control: public, max-age=7200
age: 3943
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 33d53ccc60956302701b43e09efdec2a
b753ac33799aea04a575a3d2b3791bec1030271e
cb0e25830213486cfe452e7a47f2a3d772c1984bbcebb800c6bbc83f92fd738b
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CB0E25830213486CFE452E7A47F2A3D772C1984BBCEBB800C6BBC83F92FD738B"
Last-Modified: Wed, 01 Feb 2023 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3140
Expires: Wed, 01 Feb 2023 13:45:02 GMT
Date: Wed, 01 Feb 2023 12:52:42 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 33d53ccc60956302701b43e09efdec2a
b753ac33799aea04a575a3d2b3791bec1030271e
cb0e25830213486cfe452e7a47f2a3d772c1984bbcebb800c6bbc83f92fd738b
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CB0E25830213486CFE452E7A47F2A3D772C1984BBCEBB800C6BBC83F92FD738B"
Last-Modified: Wed, 01 Feb 2023 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3164
Expires: Wed, 01 Feb 2023 13:45:26 GMT
Date: Wed, 01 Feb 2023 12:52:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.12.64200 OK 1.9 kB URL HTTP/2 c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.12.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 230d6ef771359b03ede6c4fd9d192276
5293bc34f6cdffd475c8ea4a9bf8c476fbdf9825
2799e90182b1903c4cb98011b8de36812b561ae4e8337257e680c72e16800068
GET /scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: text/html
cache-control: public,max-age=3600
content-md5: ECKsFMGYt00AJi96pRIpJw==
last-modified: Mon, 28 Mar 2022 11:38:52 GMT
x-ms-request-id: 892675fa-901e-0070-5c0b-e554d1000000
x-ms-version: 2011-08-18
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2026
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ad364388d0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=366933451.1675255984>m=2oe1u0&aip=1
64.233.162.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=366933451.1675255984>m=2oe1u0&aip=1
IP 64.233.162.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH&cid=366933451.1675255984>m=2oe1u0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Wed, 01 Feb 2023 12:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Wed+Feb+01+2023+12%3A53%3A03+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.1226018951.1675255983; _ga_0WVZ21C8XH=GS1.1.1675255983.1.0.1675255983.60.0.0; _ga=GA1.1.366933451.1675255984; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1675255984%2C%22http%3A%2F%2F4d4a6.xq.wy5532.com%2F%22%5D; _pk_id.1.dd63=eb7e0bfc5045e97b.1675255984.; _pk_ses.1.dd63=1; _scid=43f426d7-245c-4488-9353-f11df6a51250; _sp_srt_ses.1633=*; _sp_srt_id.1633=2c8da73c-d511-4c43-8d2d-cdfb9d7a42d6.1675255984.1.1675255984.1675255984.7acc2616-afea-4699-81c5-0cfa49e34b11
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 26 Jan 2023 12:38:29 GMT
If-None-Match: W/"63d27445-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 01 Feb 2023 12:52:42 GMT
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: "63d27445-56"
cf-cache-status: HIT
age: 4004
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3684e580b69-OSL
X-Firefox-Spdy: h2
a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
35.157.254.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
IP 35.157.254.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 01 Feb 2023 12:52:42 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
Set-Cookie: zuuid=f9c21a01-3f2b-4325-8cf4-a62e7f434c3f; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
35.157.254.54302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 35.157.254.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 01 Feb 2023 12:52:42 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=8a82d9e8-03d9-444c-bfc0-98d524c5a360; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DEUofVCiSkT/mUAi8xE6J+TpDm0o/U6PfGW14Rhig+RbZD/udiy3+adIxhoYKMxf5X8l2Y9E19BVgHIQg9l1cA==
content-length: 27843
x-fb-trip-id: 1679558926
date: Wed, 01 Feb 2023 12:52:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
35.190.43.134200 OK 200 B URL HTTP/2 tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
IP 35.190.43.134:0
Hash 41718e98600d4fc6d43910133eca7187
15a6bf1f7c7d9d5f4b7b60b8f55655597e6fe83b
9d761a4ade15946ac2cb4bc7b90229b12ab9953b8e989c36f306ccaecef81242
GET /config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
access-control-allow-origin: https://rizk.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e186dce1fd1ccf03fdcee7d14ffa216
03814faf439fe941ef696a02fca0e10ca8e6c0a1
6f0e98fcf2266d560f28288fb755123bd9ad00aa285413cdafb0a9ed09813b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5818
Cache-Control: max-age=160774
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Etag: "63da1ae6-116"
Expires: Fri, 03 Feb 2023 09:32:16 GMT
Last-Modified: Wed, 01 Feb 2023 07:55:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 717cf52cfdc9e790ae36f7a4e1d19d16
03b71415f75565d67d059f1046fa363be72245e5
f76f4406c8796751e4b51ecff884ff3b3ea2bff4c60b6a8941d68b31951b4541
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6233
Cache-Control: max-age=144238
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Etag: "63d9d8af-1d7"
Expires: Fri, 03 Feb 2023 04:56:40 GMT
Last-Modified: Wed, 01 Feb 2023 03:12:47 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e186dce1fd1ccf03fdcee7d14ffa216
03814faf439fe941ef696a02fca0e10ca8e6c0a1
6f0e98fcf2266d560f28288fb755123bd9ad00aa285413cdafb0a9ed09813b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3929
Cache-Control: max-age=158885
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Etag: "63da1ae6-116"
Expires: Fri, 03 Feb 2023 09:00:47 GMT
Last-Modified: Wed, 01 Feb 2023 07:55:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
35.157.254.54200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
IP 35.157.254.54:0
File type ASCII text, with very long lines (1527), with no line terminators
Hash 328dcaab66045d47e62de020c0eb3791
e8322a4b3bcca31f827560ee960399ca36ef3917
e025fb2d069df59b530b78e8a0a8afe370eeb3b79d34168e8fce8e5e1ada2c10
GET /ul_cb/pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=8a82d9e8-03d9-444c-bfc0-98d524c5a360; c=1675255962; zuuid_lu=1675255962
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Wed, 01 Feb 2023 12:52:42 GMT
Set-Cookie: zuuid=8a82d9e8-03d9-444c-bfc0-98d524c5a360; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675255962; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,444585162; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,444513162; path=/; expires=Thu, 01-Feb-2024 12:52:42 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.5.73200 OK 31 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.5.73:0
File type ASCII text, with very long lines (992)
Hash 54302fc5484a25aa5d6179e475edcc21
a1c1005e40a4c0375f9194c18b31c86e030ca781
729785e66ca8947ed909ec68bdd67c74bf90351809fe49f1b86255dc2ab19399
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx000008ea21c9e2f837d84-006385e0d3-32940f80-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vwh5PSMhEcF8AAJetXjCTA-gzbccl3FerdSTCs1bgwT2OV7CPp8DeQ==
age: 161196
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 12:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.4b160a4831adaf5337e6.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.4b160a4831adaf5337e6.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 3315b6999637291711ab85ba678211fa
d1bba723aa49e6276dfdb0f1313a9bf0b64be153
b3bd4f702044ae91c9227ce2d5c8411d3fec3abb82c9c1b7a9b69d2011c520e5
GET /modules.4b160a4831adaf5337e6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68316
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3315b6999637291711ab85ba678211fa"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PDo3d5mYDbSUmaKsICnNleXIwh-sgSY1g7q3sgc6iMGo0Eb7N9DKxg==
age: 161197
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
54.230.111.4200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 54.230.111.4:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 01 Feb 2023 12:27:23 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CFitk0kWCE4V-nXC39Y-1FgPOKdPV5U6PkQGguoo_a3_cYKoOZBjCA==
age: 1521
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.4.24200 OK 562 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.4.24:0
File type ASCII text, with very long lines (417), with CRLF line terminators
Hash c0c8f543eb656e0d2f22d0a2d53d76f7
7c9d2da185ce731c368be38f16ff2210a63c3fe7
41d0277cffa6c0a7600d6bd48003b61b6d76c9b839e7cbf8d3b125b6179e40c7
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 562
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 01-Mar-2023 12:52:43 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675255984372&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&st=1675255984371&et=1675255984372&if=0
185.89.210.212200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675255984372&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&st=1675255984371&et=1675255984372&if=0
IP 185.89.210.212:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675255984372&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&st=1675255984371&et=1675255984372&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 01 Feb 2023 12:52:43 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.quantserve.com/pixel;r=1560190747;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1139363903-1675255984482;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675255984570;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e37cccfc-d8b7-4da3-a873-98d6a85745ce
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1560190747;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1139363903-1675255984482;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675255984570;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e37cccfc-d8b7-4da3-a873-98d6a85745ce
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1560190747;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1139363903-1675255984482;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;d=rizk.com;dst=0;et=1675255984570;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=e37cccfc-d8b7-4da3-a873-98d6a85745ce HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EI8BBgGYKAISAaSUqA2e6bRu; expires=Tue, 02-May-2023 12:52:43 GMT; path=/; domain=.quantserve.com
mc=63da609b-21e57-c942d-bfca8; expires=Sun, 03-Mar-2024 12:52:43 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2447939905524627095
37.157.4.24200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2447939905524627095
IP 37.157.4.24:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=833726011406&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2447939905524627095 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&if=false&ts=1675255984683&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675255984683.1300041857&it=1675255984448&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&if=false&ts=1675255984683&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675255984683.1300041857&it=1675255984448&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2F4d4a6.xq.wy5532.com%2F&if=false&ts=1675255984683&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675255984683.1300041857&it=1675255984448&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 01 Feb 2023 12:52:43 GMT
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/661774?s=0.25&r=0.1842148601674678
54.230.111.91204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/661774?s=0.25&r=0.1842148601674678
IP 54.230.111.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/661774?s=0.25&r=0.1842148601674678 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 01 Feb 2023 12:52:43 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IR2TcWoT1hP-6JYTT7jF5359y6AzkSI28Ek9NUcJ6x7yOjRdklcNLQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 12:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=521644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ad36b0960b4ed-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d7261470ca9140952f4647686b7c2e51
14e619e15465ddf3777f5a8680b0c63c7a683e9e
a83d661d66e5565e877cee031de6252bf94f58680e96905a0d122577ab6ab67d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 12:52:43 GMT
Last-Modified: Wed, 01 Feb 2023 11:08:32 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UM5msF2Dx_M-jlWNo_lR8kWpg0W1ePrpkzxaUWtJojkaa8W2H1DFhA==
Age: 6251
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=3d7798ce-b005-4d29-8efe-8f57b9697a85; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=901445a5-2c3f-41eb-9a04-5afdc5fdbe5c; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360
3.120.17.109200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360
IP 3.120.17.109:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8a82d9e8-03d9-444c-bfc0-98d524c5a360 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=f709730f-0234-41fd-96f5-14915bec089f HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 12:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=521644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ad36b0c43b4e8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 12:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=521644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ad36b0a7f0b06-OSL
x.bidswitch.net/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=33435ea9-bdae-4031-b9e8-8dd87c065430; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=388ae878-78b3-426f-bbc4-091b2b91f272; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675255963; path=/; expires=Thu, 01-Feb-2024 12:52:43 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 12:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=521644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ad36b0b13b517-OSL
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
3.120.17.109200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 3.120.17.109:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=c1fcfcb9-2801-4474-93fa-95ad98ea9680 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
File type ASCII text, with very long lines (26102)
Hash 8499f27663f9759e8bdfcf721cdb1385
cce839c37e190e9c05b0e17216d91b80a889a7b8
3afcdc3d5510b0b50774c81fbdf2598888ad4926810f59f8a63972a1b50b90d7
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "j4o3/UzQJzEULY/aoGayAw=="
expires: Wed, 08 Feb 2023 12:52:42 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=87623cc0-8de9-4e77-a8ef-09829e2e0529
3.120.17.109302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=87623cc0-8de9-4e77-a8ef-09829e2e0529
IP 3.120.17.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&cb=87623cc0-8de9-4e77-a8ef-09829e2e0529 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:52:43 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8161f942fc3183f8f28f2d5fbf5afe8e
ab65c743e7ac41551a9806c923d50633ec372838
011b33fcf2e834527ce0cdfa25851cb6e0ee9c3c487af7c1fc0b8757cebe6cb0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 12:52:43 GMT
Last-Modified: Wed, 01 Feb 2023 12:22:22 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7u_GTKuji2jx_CsqbxIREN-NfR7_FoVhTUTGEs4FzNbBWqOVWV0wNQ==
Age: 1821
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 12:52:43 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 12:52:43 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8a82d9e8-03d9-444c-bfc0-98d524c5a360&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 12:52:43 GMT
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91304 Not Modified 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Wed+Feb+01+2023+12%3A53%3A03+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.1226018951.1675255983; _ga_0WVZ21C8XH=GS1.1.1675255983.1.0.1675255983.60.0.0; _ga=GA1.1.366933451.1675255984; _pk_ref.1.dd63=%5B%22%22%2C%22%22%2C1675255984%2C%22http%3A%2F%2F4d4a6.xq.wy5532.com%2F%22%5D; _pk_id.1.dd63=eb7e0bfc5045e97b.1675255984.; _pk_ses.1.dd63=1; _scid=43f426d7-245c-4488-9353-f11df6a51250; _sp_srt_ses.1633=*; _sp_srt_id.1633=2c8da73c-d511-4c43-8d2d-cdfb9d7a42d6.1675255984.1.1675255984.1675255984.7acc2616-afea-4699-81c5-0cfa49e34b11; _gid=GA1.2.1721562373.1675255984; adformfrpid=2447939905524627095; _hjSessionUser_661774=eyJpZCI6IjBkNjFiNTE0LTI5ZDQtNTMwOS1iODZlLTdlMmQ1MDg3YjE4MCIsImNyZWF0ZWQiOjE2NzUyNTU5ODQ2NDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_661774=eyJpZCI6ImNiMzgxOTQ3LWQ1ZWUtNGY5My1iM2UxLTk2NjYyOWY5NmY1MiIsImNyZWF0ZWQiOjE2NzUyNTU5ODQ2NjAsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; __qca=P0-1139363903-1675255984482; _fbp=fb.1.1675255984683.1300041857
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 26 Jan 2023 12:38:29 GMT
If-None-Match: W/"63d27445-56"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 01 Feb 2023 12:52:43 GMT
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: "63d27445-56"
cf-cache-status: HIT
age: 4005
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad36edbf30b69-OSL
X-Firefox-Spdy: h2
unpkg.com/yett@0.2.3/dist/yett.min.modern.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/yett@0.2.3/dist/yett.min.modern.js
IP 104.16.125.175:0
GET /yett@0.2.3/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106a-F1kN/vqWtSduU82KJoxqMaLlX70"
via: 1.1 fly.io
fly-request-id: 01G53T04M04VGHTCMPW9JKYWMZ-fra
cf-cache-status: HIT
age: 20491874
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad354faceb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792ad35f5a51b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/js/base.66506201.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.66506201.js
IP 104.18.21.91:0
GET /assets/js/base.66506201.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-7ba24"
cf-cache-status: HIT
age: 5969
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ede40b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
matomo.rizk-dev.com/matomo.js
104.18.15.144200 OK 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.15.144:0
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Wed, 01 Feb 2023 16:52:42 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 3203
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 792ad36349c50b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rizk.com/no/user/setOBtag
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/no/user/setOBtag
IP 104.18.21.91:0
POST /no/user/setOBtag HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no; OptanonConsent=isIABGlobal=false&datestamp=Wed+Feb+01+2023+12%3A53%3A03+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.1226018951.1675255983
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/json
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad36339b80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
34.241.37.119200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
IP 34.241.37.119:0
POST /api/v2/client/sites/661774/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.21.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
etag: W/"639b02c9-1c73"
expires: Sat, 18 Feb 2023 04:38:06 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 1159360
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d5c320b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.21.91:0
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:29 GMT
etag: W/"63d27445-56"
cf-cache-status: HIT
age: 4003
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35f0def0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 36680
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad3606e6a0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.173.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.173.188:0
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 249
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ad3634db1b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w7npulfjhmk5ckami27vdf2s
104.18.191.136301 Moved Permanently 0 B URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w7npulfjhmk5ckami27vdf2s
IP 104.18.191.136:0
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w7npulfjhmk5ckami27vdf2s HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzQFAsI0RXLDMkWCxQYGAKYAo%3D; expires=Thu, 01-Feb-2024 12:52:39 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; expires=Thu, 01-Feb-2024 12:52:39 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; expires=Fri, 03-Mar-2023 12:52:39 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Fri, 03-Mar-2023 12:52:39 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 792ad3503e9cb50b-OSL
X-Firefox-Spdy: h2
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.21.91:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 14:59:41 GMT
etag: W/"63d7db5d-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ede00b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 03 Feb 2023 12:52:40 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.a59bec0c.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/scripts.a59bec0c.js
IP 104.18.21.91:0
GET /assets/js/scripts.a59bec0c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-654b4"
cf-cache-status: HIT
age: 5892
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ede50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:42 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 233
expires: Sat, 04 Feb 2023 12:52:42 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 792ad3689a2db500-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-661774.js?sv=7
54.230.111.8200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 54.230.111.8:0
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 12:52:08 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/c343440da722d5be201bf3978a42f560
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8R6-5hGgu00oacf6-p-UdxIDzU4sebvgjBVC54_QdDStqfScXPwF_w==
age: 34
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDKWorker.js?v=151514
IP 104.18.226.52:0
GET /sdks/OneSignalSDKWorker.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:43 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 61
expires: Sat, 04 Feb 2023 12:52:42 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 792ad368aa5cb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Mon, 30 Jan 2023 20:36:11 GMT
x-ms-request-id: 3bf5664d-701e-0052-44ff-34c514000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 53042
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792ad360ec37b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
IP 104.18.21.91:0
GET /no/casino/kampanjer/casino/welcome-bonus/18644 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4d4a6.xq.wy5532.com/
Connection: keep-alive
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3531aa20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/MGA.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/MGA.svg
IP 104.18.21.91:0
GET /assets/img/footer/MGA.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675255959
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
etag: W/"63b6a805-49ef"
expires: Mon, 13 Mar 2023 05:08:21 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 1152239
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d7c500b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.21.91:0
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Oct 2022 08:50:04 GMT
etag: W/"633e96bc-789"
expires: Tue, 06 Dec 2022 01:38:03 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 5144774
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ddd00b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
104.18.21.91200 OK 0 B URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
IP 104.18.21.91:0
GET /no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:39 GMT
content-type: image/webp
content-length: 241870
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=412787
content-disposition: inline; filename="rizk_zero2hero.webp"
etag: "57ad98e4-64c73"
expires: Mon, 13 Mar 2023 13:06:44 GMT
last-modified: Fri, 12 Aug 2016 09:37:40 GMT
vary: Accept
cf-cache-status: HIT
age: 1452296
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad3548bbc0b69-OSL
X-Firefox-Spdy: h2
rizk.com/assets/js/runtime.ab229b8c.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.ab229b8c.js
IP 104.18.21.91:0
GET /assets/js/runtime.ab229b8c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:40 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 12:38:46 GMT
etag: W/"63d27456-8fc"
cf-cache-status: HIT
age: 950
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad356ede20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/translations/selection
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/no/translations/selection
IP 104.18.21.91:0
POST /no/translations/selection HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 3581
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=pe884jiru88kb1kk1gmuc15vnc; btag=a_10689784b_c_7fcR_8GKFNXfRuN1erex6mNd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; Referer=http%3A%2F%2F4d4a6.xq.wy5532.com%2F; RizkLocale=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:52:41 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 792ad35d7c520b69-OSL
content-encoding: br
X-Firefox-Spdy: h2