ron.trffclb.com/f.php
51.83.143.92302 Found 0 B IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /f.php HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 26 Jan 2023 10:49:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round:
Raund:
Location: https://go.redanemone.xyz/redirect?feed=465513&url=&subid=888fb&query=888fb
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11130
Expires: Thu, 26 Jan 2023 13:55:14 GMT
Date: Thu, 26 Jan 2023 10:49:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7255
Expires: Thu, 26 Jan 2023 12:50:39 GMT
Date: Thu, 26 Jan 2023 10:49:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 10:42:53 GMT
content-type: application/json
age: 411
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8691
Expires: Thu, 26 Jan 2023 13:14:35 GMT
Date: Thu, 26 Jan 2023 10:49:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L5MxEh1oqcAwTgZDYFoSxw4NwAvytdvbX+7qpt8yoi9uxYhZpD4hRknao0X+7KDlRc/X1rDjWSOGNCtV7oVVIw==
x-amz-request-id: AYNJT2JZ4S6CHD59
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 10:48:56 GMT
age: 48
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 10:49:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c64ba088bc8e8310417ae02eddd4efb5
142cdac9aad991ee1ca4d4aa0819984aa61408cf
e9bc94116c5f5ff4360030665690081e56c90edf49dfb1d66ebeee44d8fecc54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BC94116C5F5FF4360030665690081E56C90EDF49DFB1D66EBEEE44D8FECC54"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18844
Expires: Thu, 26 Jan 2023 16:03:49 GMT
Date: Thu, 26 Jan 2023 10:49:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 10:49:01 GMT
age: 44
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20436
Expires: Thu, 26 Jan 2023 16:30:21 GMT
Date: Thu, 26 Jan 2023 10:49:45 GMT
Connection: keep-alive
go.redanemone.xyz/redirect?feed=465513&url=&subid=888fb&query=888fb
198.134.116.30302 Found 0 B URL HTTP/1.1 go.redanemone.xyz/redirect?feed=465513&url=&subid=888fb&query=888fb
IP 198.134.116.30:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=465513&url=&subid=888fb&query=888fb HTTP/1.1
Host: go.redanemone.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 26 Jan 2023 10:49:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://feed.us.adrunnr.com/12/?id=256a0240-9d67-11ed-9943-df80d631519d
Pragma: no-cache
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8hAL6T+gtVeNLIWlXX62DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0f2I96c0L9BBPNYWuiZ9tB+h6QA=
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 057160789e196357cedfb9bb624bb899
0dbe22ace4e91ad7b37a6f7f26aa923f79a499f1
36b8277ec38f23aece733dcb0a1323364fdbe5264533df60723046f11705cfad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 10:49:45 GMT
Last-Modified: Thu, 26 Jan 2023 09:08:06 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: o5SdIlUl08wNMvFyM3RcZ8dBNGg0a05wkNTibSFqD36l9eDxxSJw3g==
Age: 6099
feed.us.adrunnr.com/12/?id=256a0240-9d67-11ed-9943-df80d631519d
44.209.25.171307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/12/?id=256a0240-9d67-11ed-9943-df80d631519d
IP 44.209.25.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /12/?id=256a0240-9d67-11ed-9943-df80d631519d HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Thu, 26 Jan 2023 10:49:45 GMT
content-length: 0
location: https://trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=7077801d&cost=0.0007&browser=Firefox&carrier=&cid=2569db2f-9d67-11ed-9943-e13caca542ba
set-cookie: __sess=25cae746-9d67-11ed-9943-df80d631519d; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=7077801d&cost=0.0007&browser=Firefox&carrier=&cid=2569db2f-9d67-11ed-9943-e13caca542ba
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=7077801d&cost=0.0007&browser=Firefox&carrier=&cid=2569db2f-9d67-11ed-9943-e13caca542ba
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /82464d51-0c69-45bf-8f1f-a7e73c8a358d?pid=7077801d&cost=0.0007&browser=Firefox&carrier=&cid=2569db2f-9d67-11ed-9943-e13caca542ba HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 26 Jan 2023 10:49:46 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wtoid57m8v8b726m2bf0sshq
pragma: no-cache
set-cookie: 82464d51-0c69-45bf-8f1f-a7e73c8a358d-v4=022Z8BWSvI39SF6atep_U3i0MAFUfprtfzyHuJ0cWgY; Max-Age=86400; Expires=Fri, 27-Jan-2023 10:49:46 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=ZXTauTRb7NniwRkA8Ov2ruLbmfjZaqcKeb5ikww9TUiMiaLDB3x4dVPLeBhK3A5knxl8GEOfS1ol%2FbWCv6DPNR1%2BHvm%2BxWeR24sjBhh9W23Cso3y5qrcakqphVe9Xf4vBOWZlldo2H8EPVUZa1S1sg%3D%3D; Max-Age=31536000; Expires=Fri, 26-Jan-2024 10:49:46 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c39891fbfa9a6a9dad79104660fca6d7
a4d258c807ba8a4b3746143f672207e86b78c394
99fd282cc210be47c0ab791b6e79a1ae814ab12ba1fc315261c3ffea19d8986f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:46 GMT
Etag: "63d0988d-116"
Server: ECS (amb/6B71)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bfed8acc89c174adfe9971c197a4a2f
e688cd7d71e7a8f6c53419c09459a61235bfbdfa
fb7871b76422b6bcd4f5d319772cefb3dbcdc5b47247ba2382d361ff9554ca4b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2316
Cache-Control: max-age=86159
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:46 GMT
Etag: "63d0ff4d-117"
Expires: Fri, 27 Jan 2023 10:45:45 GMT
Last-Modified: Wed, 25 Jan 2023 10:07:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9889
Expires: Thu, 26 Jan 2023 13:34:36 GMT
Date: Thu, 26 Jan 2023 10:49:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9889
Expires: Thu, 26 Jan 2023 13:34:36 GMT
Date: Thu, 26 Jan 2023 10:49:47 GMT
Connection: keep-alive
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.20.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Mon, 27 Feb 2023 05:37:30 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 2135138
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff04b518-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: e7d931f7-d086-42b9-a1f3-c8253b82eba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_OHw7IAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52e-4fd95c5f5a64861720a1ee60;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2yzeIjHl8sUO9s5n2sZfN6DSWOVDVQl-xdSrNmHu-yWXj_7VJJk5qA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:39:30 GMT
age: 11417
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (21747)
Hash 4292e44eba0796aac4d0b7aab80daec2
8131fd92ed85c9e8378d78e2b668cd7163fdf875
0deff459ca0049e97fc03f4a80660ef7e69185057ffdcd1a462cd3bcaffb6e5b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: QpLkTroHlqrE0LequA2uwg==
last-modified: Tue, 24 Jan 2023 16:31:17 GMT
etag: 0x8DAFE286B147C1C
x-ms-request-id: e250b3df-201e-0005-4851-302c99000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 58285
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af14fc4d0b41-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
104.18.20.91200 OK 76 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e84e09b2755a7cb78cb96550af24897d
b684e3e4c1fce86f6e4a7f72780343d165cb4760
6ae096074523a6cb45488636c636733c10e35c0e0a27eca9b9d76155068e840b
GET /no/wp-content/uploads/sites/5/2016/01/rizk-casino-mobile.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 76412
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=164109
content-disposition: inline; filename="rizk-casino-mobile.webp"
etag: "568c79fd-2810d"
expires: Sat, 14 Jan 2023 20:04:05 GMT
last-modified: Wed, 06 Jan 2016 02:20:45 GMT
vary: Accept
cf-cache-status: HIT
age: 3345187
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff05b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
104.18.20.91200 OK 242 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 242 kB (241870 bytes)
Hash 4fb86378cf3ab83690aff25e4bcd84d8
09118e6252fe712f6841888008e11f9533544cf2
b7650624b1e7314d79f112351a8180776b6b2375443901135f01e92f9a60383b
GET /no/wp-content/uploads/sites/5/2016/08/rizk_zero2hero.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 241870
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=412787
content-disposition: inline; filename="rizk_zero2hero.webp"
etag: "57ad98e4-64c73"
expires: Mon, 13 Mar 2023 13:06:44 GMT
last-modified: Fri, 12 Aug 2016 09:37:40 GMT
vary: Accept
cf-cache-status: HIT
age: 926524
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14fefeb518-OSL
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wtoid57m8v8b726m2bf0sshq
104.18.189.136301 Moved Permanently 26 kB URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wtoid57m8v8b726m2bf0sshq
IP 104.18.189.136:0
Hash 849b41fe5025b73731740798a1ba1b34
3890bfbc2f9139817325fbc60e8004ee2b988c55
aaab171cb919c61b95d755eed82167b5532b9265b9e3954b338fae0abcaa8a50
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/1/?payload=wtoid57m8v8b726m2bf0sshq HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 10:49:46 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzPFgsU0BXLTM0WCxgYGAKYAo%3D; expires=Fri, 26-Jan-2024 10:49:46 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; expires=Fri, 26-Jan-2024 10:49:46 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; expires=Sat, 25-Feb-2023 10:49:46 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Sat, 25-Feb-2023 10:49:46 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f8af10c8480b65-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.20.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Sun, 15 Jan 2023 17:19:41 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 3859900
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff03b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104.18.20.91200 OK 104 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 104549
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110109, status=webp_bigger
etag: "62b46fa1-1ae1d"
expires: Mon, 13 Feb 2023 21:05:53 GMT
last-modified: Thu, 23 Jun 2022 13:50:25 GMT
cf-cache-status: HIT
age: 3184929
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff06b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.20.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Mon, 20 Feb 2023 20:17:59 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 655177
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0bb518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
104.18.20.91200 OK 123 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 123 kB (123132 bytes)
Hash 341d6a23c5e812aeaf495248004ab7fc
4168e2e4296aa381667ff9c7dd811a63cb67cb6a
b381902f5d9b1b4fe648915947a9ac9432b06457926a35d27a1a1d733483621b
GET /no/wp-content/uploads/sites/5/2022/09/RZ-HR_26.08-Double-Speed-Wednesday_Promo-HR-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 123132
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128662, status=webp_bigger
etag: "63120677-1f696"
expires: Sun, 01 Jan 2023 22:48:55 GMT
last-modified: Fri, 02 Sep 2022 13:34:47 GMT
cf-cache-status: HIT
age: 2235454
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0cb518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.20.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Mon, 13 Feb 2023 21:05:54 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 786174
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0fb518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
104.18.20.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178130 bytes)
Hash ea632bbffee05d4ab2c11c1bd0cf156c
1b9b16716f21ed62d448bb5fabdcfe6870510654
8df9b085cc67bb8a10e9de2a1c2cc2dcee36f2c6539a4b2a0b401de9160c7f04
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 178130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=186454, status=webp_bigger
etag: "63cead1e-2d856"
expires: Sat, 25 Mar 2023 15:27:38 GMT
last-modified: Mon, 23 Jan 2023 15:51:58 GMT
cf-cache-status: HIT
age: 156129
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff07b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.20.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Mon, 13 Mar 2023 04:37:11 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 786174
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff02b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
104.18.20.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178222 bytes)
Hash 6ae6be5cd2c1f0fb8080255588009745
aaf233663bd7100a662a519e96e451d426c9df24
1919fbf2d86d19b60bbf054dbfdaa281152643f6c1531ed3e582322a2aa8284a
GET /no/wp-content/uploads/sites/5/2023/01/RZ-CashDrop-Kalamba-Games-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 178222
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=185818, status=webp_bigger
etag: "63c95719-2d5da"
expires: Sat, 25 Mar 2023 15:27:39 GMT
last-modified: Thu, 19 Jan 2023 14:43:37 GMT
cf-cache-status: HIT
age: 156128
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0ab518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
104.18.20.91200 OK 150 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 150 kB (149799 bytes)
Hash 9ebb7e0f0f489d3d8a3745f8febb5b15
ea1c8f36a0edf023eb6d39817b7df092f9f54763
dd1b3a8795857591e492cd5510da49c929e3e0e3ae5168b391a00628867f7cff
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 149799
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=155887, status=webp_bigger
etag: "620227ed-260ef"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Tue, 08 Feb 2022 08:21:01 GMT
cf-cache-status: HIT
age: 786174
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0db518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
104.18.20.91200 OK 202 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 202 kB (201797 bytes)
Hash 6b236304b4d875c745e572e9fbda254e
c584e908e55b7caa2135ebf25022804e7d1ef0db
e9dbf688fabc7b3452affa6d60690e2ac75536299300fbf5cdd5944e55bf16cb
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 201797
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=211099, status=webp_bigger
etag: "63c80b0e-3389b"
expires: Fri, 24 Mar 2023 09:03:35 GMT
last-modified: Wed, 18 Jan 2023 15:06:54 GMT
cf-cache-status: HIT
age: 265572
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff08b518-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hUp-Y119Uly8FlGe1Wr8b-_pNoyg_iV-KaNaC7Fo44iN_sDU3BnCbA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:35:29 GMT
age: 11658
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
104.18.20.91200 OK 194 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 194 kB (194157 bytes)
Hash 1cca37417fe863df82c0319381e01e1f
f8b0a8aab239568c0db450be1d6d7b445529e436
694d7c5a7ba696111b5c0db984c9f9121b97c2a1a4f37520bcd6a597252dacd7
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 194157
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203250, status=webp_bigger
etag: "6202912a-319f2"
expires: Thu, 16 Feb 2023 17:29:48 GMT
last-modified: Tue, 08 Feb 2022 15:50:02 GMT
cf-cache-status: HIT
age: 2221339
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14ff0eb518-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n2ULSpeRMRZ9CDjmrwd56ti_gPYh9ApC521naXURI2Bh1eiKwjyHZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 46701
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.20.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 786177
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff3b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
104.18.20.91200 OK 94 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b99510dc64dceb3317011b5a1dd14066
da97fa0b25758d0d5f35d762bb6e74665e4f4d50
0625ba3c4b37dbd008551eb7e6652a350735305fcf02f24ac2b57ec717f7a403
GET /no/wp-content/uploads/sites/5/2018/09/10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 93626
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=122140
content-disposition: inline; filename="10-09-2018-1000FS-Oktoberfest-Newsletter-ROW.webp"
etag: "5b962484-1dd1c"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Mon, 10 Sep 2018 08:00:04 GMT
vary: Accept
cf-cache-status: HIT
age: 1180836
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff1b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
104.18.20.91200 OK 130 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 130425
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138146, status=webp_bigger
etag: "5ce50804-21ba2"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Wed, 22 May 2019 08:27:48 GMT
cf-cache-status: HIT
age: 2221291
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff9b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.20.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 2221332
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff4b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
104.18.20.91200 OK 1.1 kB URL HTTP/2 insider.rizk.com/gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e97b23e842d4df6dfdd7fb049a87a26f
083cda549ea555b23a7b7aee461c0bc6a13070c0
d96df1d19452dbc92d39e276455f2f226b70daa7ca9ab52796be1247d677a689
GET /gb/wp-content/uploads/sites/6/2017/12/Rizk_avatar.png HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 1100
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5909
content-disposition: inline; filename="Rizk_avatar.webp"
etag: "5a37c146-1715"
expires: Mon, 13 Mar 2023 20:31:14 GMT
last-modified: Mon, 18 Dec 2017 13:23:18 GMT
vary: Accept
cf-cache-status: HIT
age: 655178
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15d805b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.20.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Mon, 02 Jan 2023 08:52:09 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 4613969
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff0b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
104.18.20.91200 OK 211 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1031x580, components 3\012- data
Size 211 kB (210675 bytes)
Hash 0275594aa0da61a963b34c14cba7cda2
90ba5e1fc41183812108f7cdee35057e7d8d73ff
9a3c6eaedf96f97bf55bec6950624f26e9e07d49158f24f3e221a400f60ac8db
GET /no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 210675
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=219775, status=webp_bigger
etag: "5ee086d3-35a7f"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Wed, 10 Jun 2020 07:08:03 GMT
cf-cache-status: HIT
age: 625329
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15cff7b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
104.18.20.91200 OK 236 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
IP 104.18.20.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 236 kB (236534 bytes)
Hash fe1f908a1ea3ad74d7580a4bb10732cc
e563c2ad2593b1fd0ab914c6c06686efc9bd4a72
16e4a3f6178cbac41c7010999daf2c62184fa06a7c02605cdaa75ea6cbfd74f0
GET /no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/jpeg
content-length: 236534
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=247916, status=webp_bigger
etag: "59e9e8f9-3c86c"
expires: Mon, 27 Feb 2023 05:37:29 GMT
last-modified: Fri, 20 Oct 2017 12:15:53 GMT
cf-cache-status: HIT
age: 2221332
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af15d807b518-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
104.18.20.91200 OK 279 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 279 kB (278858 bytes)
Hash e9e7535c065a438e4407b2d809511c54
c2c73ee585d77fa4e7e98072073c82e6a3a8199e
f5d32d6e179b67997a72382818a95893217a5d8414679cac7e57f5976c568691
GET /no/wp-content/uploads/sites/5/2017/05/Insider-and-Email-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 278858
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=322951
content-disposition: inline; filename="Insider-and-Email-1080x450.webp"
etag: "59524281-4ed87"
expires: Mon, 30 Jan 2023 10:33:34 GMT
last-modified: Tue, 27 Jun 2017 11:33:21 GMT
vary: Accept
cf-cache-status: HIT
age: 3859901
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af160835b518-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 575402
expires: Tue, 16 Jan 2024 10:49:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FwrxNGo3bugQnkLaBmxG00hRM70BGQsYEPx2e2Rjut2N3tJNwLtB3XDBpyP%2BiJAuPPsTnFrcn9RuqX27BS%2BHpPY5Ty%2FG1kuQe0t5DhYFKEKCv4lJYU3jzs98WxfXPcuTeaANcbh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f8af167a83b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.186200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.ca966fb8.js
104.18.20.91200 OK 118 kB URL HTTP/2 rizk.com/assets/js/scripts.ca966fb8.js
IP 104.18.20.91:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64757), with no line terminators
Size 118 kB (118454 bytes)
Hash f59df004faca307a5f975a5d216523d3
997723b585003905b58071ff34eabffb1bc641de
48adc5b14cef938769d538c4e2ac9bd84ccc9950f1ebadbbcab165d4fcf2bfef
GET /assets/js/scripts.ca966fb8.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 18:14:52 GMT
etag: W/"63c9889c-63901"
cf-cache-status: HIT
age: 6638
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14fef1b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4a5b8e0e0477b932d19c52b5a23576e8
2f384849ab8357d8be978c21f365b3f28e3f85e4
77bae75a140bf3bbf5a2d1bc1dcc8ff93372b7c9a5c3f71133d0feaa83a304f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4520
Cache-Control: max-age=155320
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:47 GMT
Etag: "63d204db-117"
Expires: Sat, 28 Jan 2023 05:58:27 GMT
Last-Modified: Thu, 26 Jan 2023 04:43:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash 77ee853d54976f653eae7f9bf3756b81
14479919cb6c4795e9681b0116d9b45878e59a27
a3824d6f1e6f3aaa29342418aa60106500897804becaa0305d29e6328c4fe999
GET /af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "4d3b0c26b9e19a72e0c7ed499882c33f6eb1f980"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: sOQQtBZBGW4grpdJZkhuDA==, MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23908, version 1.0\012- data
Hash 081509e2766b8e53d3e9629517a5094c
81b9e67814e563e491f3b7ca83129910191d7429
e5212f6b941b7ec75f72829b00476a94f76ad97bd3cbd41000fafff883d93922
GET /af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23908
etag: "f071080bfe4e46008015da21150516f906ef2d5b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 120 kB URL HTTP/2 use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 119904, version 1.0\012- data
Size 120 kB (119904 bytes)
Hash 28a88f4e70f45eb49c96d18da7f44869
3c707b6df2c0d8fdb324bb1883e1890a38644622
a998f1a4c9e921275caf71058390cf6cc33268c25c12ce3d9ccab137bb67f591
GET /af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 119904
etag: "9cf7b880c940e69005d99d254f5c957320db9920"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 121 kB URL HTTP/2 use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 121276, version 1.0\012- data
Size 121 kB (121276 bytes)
Hash 93a15a2450f801f4a3fe29b883366d36
3b1b4a1e3b64de56da974d3b2d40c1072d33d746
980203ee1e65591546aa6e163eea6f6e0bffdf15a4a8c442ac5ea6b4bbdd1be5
GET /af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 121276
etag: "db81c212189c4bd156df357725724066ea88d6f4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 140860, version 1.0\012- data
Size 141 kB (140860 bytes)
Hash 6bfaf65a2c550ba5bfe4af17a108b036
f580547cca47791a9bc16d97d3b1a6d9ba7ff1ee
d872a3dcfd2d278eee0ed07ce8ceecff0c5ee30cef33aa92a1224bda28888dec
GET /af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 140860
etag: "bf19a0104a0de96dfd0edb2276eadec4d02bf248"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 141 kB URL HTTP/2 use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 141220, version 1.0\012- data
Size 141 kB (141220 bytes)
Hash 9f122ab64b701b87597137ad1fa662b4
c4fee49ffd9edf8123742b60f0aa0a905f2e96b9
e1506e1413472be6886a35777303ede29d4a113f2dbc71af9806395e47de87e7
GET /af/5033af/0000000000000000000151d3/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 141220
etag: "9c467641a743d4e8fda4fd28f2eebdc227275260"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.20.91200 OK 28 kB URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.20.91:0
Hash 1ac94c395128abf344d9cb2de10502ec
a0561d03cc15fda8bba31fee78dace33013276d5
fc75bc099f16831c2d54fa7c6d864f21f320660b4a2da6dc6fb517cd8efce4e1
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14eee4b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 28 Jan 2023 10:49:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 25 kB URL HTTP/2 use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24944, version 1.0\012- data
Hash 4db1a622a8ec326f0b65e39dd2147c3c
6f554080b360e101d1c4c0872559a5770620eb99
125ac250cf3b6bf24697c353ee5db63ffd8eecef03ddf43ed1ade4450ae5d11e
GET /af/ef2129/00000000000000003b9b387c/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24944
etag: "b1fff3be18990092dac37cd165ff020dcdec4dcd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/images/04532da6-menu-icons-s.png
104.18.20.91200 OK 6.1 kB URL HTTP/2 rizk.com/assets/images/04532da6-menu-icons-s.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42207df0d63f162c0e4628718aa606e1
f692963891ed031073bdcb796b9a7d8e67e454ea
d3ecbd89b841f3c0873ea22ffb3fc87b270ac5176cb2abc734874cf6441adba4
GET /assets/images/04532da6-menu-icons-s.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 6130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11277
content-disposition: inline; filename="04532da6-menu-icons-s.webp"
etag: "637614c1-2c0d"
expires: Sat, 21 Jan 2023 21:30:52 GMT
last-modified: Thu, 17 Nov 2022 11:02:25 GMT
vary: Accept
cf-cache-status: HIT
age: 3935504
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af183b56b518-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26656, version 1.0\012- data
Hash 843379cf54b236ae4934db29570421f7
1ecfe53a9b021d8cfbdedd77b995a7f6f13f32b6
46f2ac0d9703243c85b6ad1b9f8ce05ce5a2a9d7adaf550fbfa061ecbf093e53
GET /af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26656
etag: "de5daa0372d6be1d2b0ba0e28b1c2c00515f2fce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.20.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbf69efd1161ae68af7c62a9ed5aedda
e52470c459f19223c367a6b8f0139b6869babb97
027c3e30e700f7cadb699b50f16e55638f0c5b8e80a6bcd47b4f44924d808868
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "6388832c-4191"
expires: Tue, 31 Jan 2023 05:59:27 GMT
last-modified: Thu, 01 Dec 2022 10:34:20 GMT
vary: Accept
cf-cache-status: HIT
age: 4299267
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af185b71b518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/flag-is.png
104.18.20.91200 OK 142 B URL HTTP/2 rizk.com/assets/img/flags/flag-is.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6d73273e182c35e4f0afd10e5409b46e
0d5a7ec0c80536576e3cfb14092dc96804771aef
d972ebf138951eb06a75652b04a37d1e00e588a620b215af0073ee258b360f8b
GET /assets/img/flags/flag-is.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 142
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=776
content-disposition: inline; filename="flag-is.webp"
etag: "63b6a805-308"
expires: Tue, 07 Mar 2023 21:06:33 GMT
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1363202
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af185b74b518-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos-colors7.png
104.18.20.91200 OK 58 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos-colors7.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5681c89b9d958a1c9d6655c141f555ca
84398bb376e9d50f2dcefde44a6f1b493e457b47
6e28b9308b97cb617380f1971b2d27c27521f3d7955a9fb02ba1a5cf2fb24f44
GET /assets/img/footer/footer-logos-colors7.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 57774
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=71763
content-disposition: inline; filename="footer-logos-colors7.webp"
etag: "637f4f06-11853"
expires: Tue, 24 Jan 2023 09:51:52 GMT
last-modified: Thu, 24 Nov 2022 11:01:26 GMT
vary: Accept
cf-cache-status: HIT
age: 4811537
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af185b7eb518-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/Hjelpelinjen.png
104.18.20.91200 OK 26 kB URL HTTP/2 rizk.com/assets/img/footer/Hjelpelinjen.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2600acad4fa18b407caa42d12eceef0f
809b9de6ef5c469787ca4a199f737ec0e8d73db5
b5e78ae78e39f47d3acae58ce941aa17ec4620957654948039793460256d03f2
GET /assets/img/footer/Hjelpelinjen.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 25908
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61976
content-disposition: inline; filename="Hjelpelinjen.webp"
etag: "637f4f06-f218"
expires: Mon, 30 Jan 2023 04:43:57 GMT
last-modified: Thu, 24 Nov 2022 11:01:26 GMT
vary: Accept
cf-cache-status: HIT
age: 4811537
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af185b7fb518-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.182, 10.36.76.182
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/ecogra.png
104.18.20.91200 OK 28 kB URL HTTP/2 rizk.com/assets/img/footer/ecogra.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30ffda9881d8c1c2ccb46ff7b2ea50af
e19a29ba3abddb9beff5b09ef264ca81e9b41290
a972cf53714ef5e43e6bda7b67348f3680f9d3810841ac63a061a91ae2430b8d
GET /assets/img/footer/ecogra.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 27890
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=80752
content-disposition: inline; filename="ecogra.webp"
etag: "63bfd1ff-13b70"
expires: Mon, 13 Mar 2023 17:26:51 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 1185359
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af185b82b518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.20.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f88b0da0473fbd507dcd1a759533af
36133c385d1c171958c5a5fc60ef1f5d12237e30
b75061abacce30de1bddabb464f7ca044dba230382cd1323f59079c8d0cdc260
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 30078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "639b02c9-f64c"
expires: Mon, 13 Feb 2023 19:41:30 GMT
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
vary: Accept
cf-cache-status: HIT
age: 3345478
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af186b86b518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.20.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.20.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 20 Oct 2022 08:06:56 GMT
etag: "635101a0-1c60"
expires: Tue, 20 Dec 2022 05:33:18 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4624029
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af18abf0b518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/favicon/android-icon-192x192.png
104.18.20.91200 OK 3.1 kB URL HTTP/2 rizk.com/assets/img/favicon/android-icon-192x192.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314c2b722ec91013441562d73c4d8fb3
f7dbb17a8708cb7801ae1e4d449389ec10e7dc81
baced404c8a57e0d0d4f17d00a2850352b98e90a343681b1fea15f263385c82a
GET /assets/img/favicon/android-icon-192x192.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 3082
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=4135
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "63c9889b-1027"
expires: Mon, 20 Mar 2023 22:54:10 GMT
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
vary: Accept
cf-cache-status: HIT
age: 37999
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af191c69b518-OSL
X-Firefox-Spdy: h2
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
54.230.245.216200 OK 27 kB URL HTTP/1.1 d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js
IP 54.230.245.216:0
File type ASCII text, with very long lines (32806)
Hash fa979f12aafaca9dfc3c01fdb35f2c8a
b2e14da49f38a08294f14376d61dc9b011727f6b
88f23962aff99d99d3d6603b7cc1e6bea1bc37b56c49f1db68f62b19a51f15f5
GET /integrations/web/v1/library/QPxy8SUPYerFUd7L/delighted.js HTTP/1.1
Host: d2yyd1h5u9mauk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 26 Jan 2023 10:49:05 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=120, public
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Request-Id: 7f7c25daa04eb0fee37f6e0c21f34e9e
X-Runtime: 0.068234
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hOth9rvBfKd7MWakseEzUH7b01qiGprnlcTtxwb79h2Zj0C5JLVoMw==
Age: 42
rizk.com/assets/img/favicon/favicon-16x16.png
104.18.20.91200 OK 352 B URL HTTP/2 rizk.com/assets/img/favicon/favicon-16x16.png
IP 104.18.20.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a53aaffe9a3246411deb3361d57d32
1d5249c888910c27a6125c0d92dd60d2377738c0
9ca4b1fb97777d6c5b3fbe165f2734e3b38525d586828c526ad7bfa91bab2238
GET /assets/img/favicon/favicon-16x16.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 352
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=571
content-disposition: inline; filename="favicon-16x16.webp"
etag: "63bfd1ff-23b"
expires: Mon, 13 Mar 2023 19:48:39 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 571021
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af193cbdb518-OSL
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674730185682
23.36.76.186200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674730185682
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1674730185682 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 26 Jan 2023 10:49:47 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
104.16.149.64200 OK 90 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (65455)
Hash 669fc272b6662bb850d92e9cfedf53a7
e573ee887b0ca01445457cc338f510c559a092f4
e77f0bfe908a1ee2181992bad85721333d192528c2a00aac42077549f7d377ba
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: 41a1e322-301e-0173-6402-efee70000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 51177
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1a694c0b41-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
104.16.149.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
IP 104.16.149.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65222), with no line terminators
Hash 52edc17dd959eec04919e5f8f7366ebd
b0afc9516325109205e3b7a7656c990ac3ce23f7
f101a7d16badd7407e56c6ecdb70a97147abd8e652d9ec80164cb449f225f8d8
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/x-javascript
content-length: 17666
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Uu3BfdlZ7sBJGeX49zZuvQ==
last-modified: Thu, 11 Aug 2022 10:56:24 GMT
etag: 0x8DA7B8822255DC0
x-ms-request-id: a06e6807-601e-0142-288a-adb5a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 29873
expires: Fri, 27 Jan 2023 10:49:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1aed44b505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
104.16.149.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (51738)
Hash 3e961eb7fdc3f94310047addd52478f7
e653b0a0929096e9aaf34772f5839c6fc3f4da49
221064afa3bffb58aff4d7a036a9f5196c60ff0077e23453ca2aa7a1019be47a
GET /scripttemplates/6.39.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/json
content-length: 13981
content-encoding: gzip
content-md5: PpYet/3D+UMQBHrd1SR49w==
last-modified: Fri, 26 Aug 2022 16:30:58 GMT
etag: 0x8DA87805B3CBC97
x-ms-request-id: 8ef1e9a6-d01e-0150-2d8a-b981bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21350
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1b5df1b505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.149.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 30593
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1b5df0b505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
104.16.149.64200 OK 4.1 kB URL HTTP/2 cdn.cookielaw.org/logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png
IP 104.16.149.64:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 1cfc5cde5e96f35a24f6db0a76981d91
ff1ac1cecf4b1572b174d753534b644b67d917b6
14430bc422f22b9eb5390f563691365fb38ac5878ebebea5e8bdd528ccac96a6
GET /logos/ef1e7412-c61f-4d80-8864-afd77df9fe19/3c8f4585-e221-4b13-9563-e2283f98b4ed/76734d0d-25b0-4d9e-906d-a2d45303e621/android-icon-192x192.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: image/png
content-length: 4135
content-md5: HPxc3l6W81ok9tsKdpgdkQ==
last-modified: Thu, 24 Mar 2022 10:25:14 GMT
etag: 0x8DA0D8095ED2DEE
x-ms-request-id: d61608bc-601e-010d-7b50-7b71bf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 28631
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1bca570b41-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
142.250.74.168200 OK 101 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WVXWPTQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (38551)
Size 101 kB (100842 bytes)
Hash d9baa362b918c47e64ac698e83338465
91670a53756181a7e73a14e0bc2dfd62d78f944d
adfb9427bd6d4039224a0129affc4f3d0886c91f3fc3da2c28e060cf1de87da9
GET /gtm.js?id=GTM-WVXWPTQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 10:49:48 GMT
expires: Thu, 26 Jan 2023 10:49:48 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cebf907fe4fad2b3b25a3f855f69578f
1d71988330551653c285a942fec6c10f668a6912
991f5d2ac9c5fc319e145511fda31b72abba345dd11557a1453a5c4f081a00a1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: max-age=101523
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d12c39-116"
Expires: Fri, 27 Jan 2023 15:01:51 GMT
Last-Modified: Wed, 25 Jan 2023 13:18:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1b6b060c1d1187d872fa07828974effb
067eb5205dc6856d79af63b71032adb81246cec5
ab2ed38c03816ba893fe666ca719940194ebe6e758811ad7d42788f547c7737f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: max-age=124709
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d1878c-1d7"
Expires: Fri, 27 Jan 2023 21:28:17 GMT
Last-Modified: Wed, 25 Jan 2023 19:48:28 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash d2e8fadea66d50de6764cc8815911655
5219f9385a355cddd3cf5893794e2e3c554ead1c
621097f07e85bf9c2eb4b75eea6664762dfc8e3bc3a7f464aa5055295b7cb80d
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: fWICTiGWDoEEPOw=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37261
date: Thu, 26 Jan 2023 10:49:48 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Thu, 26 Jan 2023 10:49:48 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 27 Jan 2023 10:39:29 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0NFT7gYz2Bx46tvqaq7Qsa6V7bhew_F4C__R_aSFpREKOTw85qtZ9g==
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.3.20302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.3.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 26 Jan 2023 10:49:48 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 26 Feb 2023 10:49:48 GMT; domain=adform.net; path=/
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18b7cc753afd97307bf38db3072500c7
26c28a9473b0ef60d698659bfb3de9274eb53907
cfd2e66643c8ab28e380fdfa22df491d93ee77c9c1f03d231257f573754f6144
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CFD2E66643C8AB28E380FDFA22DF491D93EE77C9C1F03D231257F573754F6144"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2293
Expires: Thu, 26 Jan 2023 11:28:01 GMT
Date: Thu, 26 Jan 2023 10:49:48 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash bd2cb7fa13dbdbf4dfc86852188cc753
75b6e864efe73a7f117d84a88f62e9325735d128
b9943b2fd5eafae12739bcad64bb1a095414680f59a63f2e6b4a4a17461b33c0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101673
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d13351-1d7"
Expires: Fri, 27 Jan 2023 15:04:21 GMT
Last-Modified: Wed, 25 Jan 2023 13:49:05 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3OXr6PLdwDj0eqoiB1gF6iwMMTO9CpZa9OqGRTgi8GZP0vioYfMXDg==
Age: 4516
carma-scripts-cf.s3.amazonaws.com/roi.js
52.219.170.47200 OK 3.7 kB URL HTTP/1.1 carma-scripts-cf.s3.amazonaws.com/roi.js
IP 52.219.170.47:0
File type ASCII text, with CRLF line terminators
Hash 04cb6a245b3c82cab89108b117a879e4
7470d1ea561f19a331558ebc901eb3d214dfbea4
061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
GET /roi.js HTTP/1.1
Host: carma-scripts-cf.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Z81E/J8d/tmAE0kv5R7L3WQgzFTjAdm/AnJtGmnymx0XCgZyRADkIh1NlNnOcbBZLAmjsr6zsZU=
x-amz-request-id: Y2MAV2FBF5ZJ4Z0D
Date: Thu, 26 Jan 2023 10:49:49 GMT
Last-Modified: Mon, 15 Feb 2021 12:30:52 GMT
ETag: "04cb6a245b3c82cab89108b117a879e4"
x-amz-meta-sha256: 061840fb42ac4bf71ce18b139324b7d4a89ce7bc08cee4696649ea4b892fa8b7
x-amz-meta-s3b-last-modified: 20210215T122739Z
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 3737
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: max-age=164943
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 08:38:51 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: max-age=164943
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 08:38:51 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3894
Cache-Control: max-age=162257
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 07:54:05 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 13 kB URL HTTP/2 cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash 01887fa89c6d007d6b732ae68989a68d
0e9c4b6fd9873dfb409302891ffae14341328d0e
a89c5d85f0ec58809fcfc06afc0b5dcf5bb70604da4f3c54dc5831b852da6f1c
GET /resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: text/html
content-md5: qRcQewUQpBCpHWX0csvwPQ==
last-modified: Thu, 10 Sep 2020 09:09:07 GMT
x-ms-request-id: ff32aea2-d01e-005f-750f-2aa63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f8af1e886bb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=03541bb7-6cc7-4fa2-be28-b03bb036524f&u_sclid=e26da627-322e-47c9-9f0b-55aaa84318cf
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=03541bb7-6cc7-4fa2-be28-b03bb036524f&u_sclid=e26da627-322e-47c9-9f0b-55aaa84318cf
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=03541bb7-6cc7-4fa2-be28-b03bb036524f&u_sclid=e26da627-322e-47c9-9f0b-55aaa84318cf HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 510
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
access-control-allow-origin: https://rizk.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIQB65cRTcguFtkeXPCsQdQqYKAvxSRK9zl2uXzUhs28qSOfwBbRCAWTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 7
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rwLFuH76gyBuOOKfMU6fioIQYlVlN4USMSMuK47JehscNYA176w4qg==
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 26 Jan 2023 10:49:48 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: max-age=164943
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:48 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 08:38:51 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 79a37f7f6738bc5c494ee4cafddeb902
3e628b2e257884de41bea326c29ac7461e271d1c
91aef1336480f5d943a78d9de2ffd76a65cbbbb18ffb1e61c1da717328841e4b
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "91AEF1336480F5D943A78D9DE2FFD76A65CBBBB18FFB1E61C1DA717328841E4B"
Last-Modified: Thu, 26 Jan 2023 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Thu, 26 Jan 2023 11:30:30 GMT
Date: Thu, 26 Jan 2023 10:49:49 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 79a37f7f6738bc5c494ee4cafddeb902
3e628b2e257884de41bea326c29ac7461e271d1c
91aef1336480f5d943a78d9de2ffd76a65cbbbb18ffb1e61c1da717328841e4b
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "91AEF1336480F5D943A78D9DE2FFD76A65CBBBB18FFB1E61C1DA717328841E4B"
Last-Modified: Thu, 26 Jan 2023 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2443
Expires: Thu, 26 Jan 2023 11:30:32 GMT
Date: Thu, 26 Jan 2023 10:49:49 GMT
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
18.184.12.110302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 18.184.12.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 26 Jan 2023 10:49:49 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=6ff1b168-4733-4ddb-82ef-9b29532f5132; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
c=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.13.64200 OK 1.4 kB URL HTTP/2 c.bannerflow.net/scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.13.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 73075848ecab5ffca3ceb50a48c8261f
707ad9380d20c2da39702643ae938527e05ac7b3
f13459ccea7e602528916e81becb9f8f89c2bce01c544b20ba30ba2763f074ce
GET /scripts/targeting/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: text/html
cache-control: public,max-age=3600
content-md5: ECKsFMGYt00AJi96pRIpJw==
last-modified: Mon, 28 Mar 2022 11:38:52 GMT
x-ms-request-id: 892675fa-901e-0070-5c0b-e554d1000000
x-ms-version: 2011-08-18
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3511
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f8af1ede79b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Last-Modified: Thu, 26 Jan 2023 09:26:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
18.184.12.110302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 18.184.12.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=81e3bed3-7050-4140-9110-1e81092fd924; c=1674730189; zuuid_lu=1674730189
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 26 Jan 2023 10:49:49 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
Set-Cookie: zuuid=81e3bed3-7050-4140-9110-1e81092fd924; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
18.184.12.110200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
IP 18.184.12.110:0
File type ASCII text, with very long lines (1527), with no line terminators
Hash 808ad6b22ce60bccdcd7df77ef924f2e
a0130248b9e1c45fc30812ff2de4da8fd654e4d1
a071c135ccb51dc37ef84ce43fb91bf4d3914955340f08d472ece941b625f299
GET /ul_cb/pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=81e3bed3-7050-4140-9110-1e81092fd924; c=1674730189; zuuid_lu=1674730189
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Thu, 26 Jan 2023 10:49:49 GMT
Set-Cookie: zuuid=81e3bed3-7050-4140-9110-1e81092fd924; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1674730189; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,444059389; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,443987389; path=/; expires=Fri, 26-Jan-2024 10:49:49 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acdn.adnxs.com/dmp/up/pixie.js
151.101.65.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.65.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 10:49:49 GMT
Age: 31130
X-Served-By: cache-lga21930-LGA, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 4354
X-Timer: S1674730189.263661,VS0,VE0
Vary: Accept-Encoding
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 09:41:08 GMT
expires: Thu, 26 Jan 2023 11:41:08 GMT
cache-control: public, max-age=7200
age: 4121
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d97122742133f124ebe9ec5c50ada96f
bbba8c7969d6523f56dfe7d27aa994c009e1a644
fcc9d9d23c2d229605890553ee7a73ceb33523487f652635f982b6ed14b485e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3273
Cache-Control: max-age=115891
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Etag: "63d16fb7-1d7"
Expires: Fri, 27 Jan 2023 19:01:20 GMT
Last-Modified: Wed, 25 Jan 2023 18:06:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kU+FBU5SigIPmLjTh7gmUZ8pfSu+x10F7S+Xzaq3edN36uvC7Fr1KBPPx/t1a2f4wQT6YnjTl1cAHc1yDqFCiA==
content-length: 27859
x-fb-trip-id: 1904183273
date: Thu, 26 Jan 2023 10:49:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1&z=2006223126
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1&z=2006223126
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1&z=2006223126 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 10:49:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=1002253122&_gaz=1&cid=1296805017.1674730186&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674730186&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=1002253122&_gaz=1&cid=1296805017.1674730186&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674730186&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH>m=2oe1p0&_p=1002253122&_gaz=1&cid=1296805017.1674730186&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674730186&sct=1&seg=0&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&dt=Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.rizk_country=NO&up.rizk_language=NO&up.rizk_user_id=logged-out HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Thu, 26 Jan 2023 10:49:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 810bf2bf9f302d0a65b1e0b447b549ef
d6ddcc1e64a1392f5942c0fc45864a282a93854e
f61096b63e6f62872d6d30aac7671c72403bba82f4f5c555add8e0997675f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
54.230.111.93200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LhkmtI0zgBxw-zrV0yANRyfkd3MKfp3mr2A3hXtJasUVK4C279E33g==
age: 517184
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Last-Modified: Thu, 26 Jan 2023 09:26:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1
173.194.73.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1
IP 173.194.73.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0WVZ21C8XH&cid=1296805017.1674730186>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rizk.com
date: Thu, 26 Jan 2023 10:49:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
54.230.111.94200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _JTV1Z9ECJsmrZmYa7Hr-s2tjB1xa_VuIzP2h5fUAzmedP6_7tK2yA==
age: 693403
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/signals/config/1268401316549097?v=2.9.94&r=stable
31.13.72.12200 OK 110 kB URL HTTP/2 connect.facebook.net/signals/config/1268401316549097?v=2.9.94&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (64471)
Size 110 kB (110248 bytes)
Hash c06427e936425cb691ace545e372fc77
e231a7f178ddfc1c9279e9d3f8de72f7d2d2a9fe
a1bca407bf12cab16bb9800c10f888539365c05111866b358fa33aec338ccfc3
GET /signals/config/1268401316549097?v=2.9.94&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6bR8rRbYecHqScNUSLzIjAVY1deoDzeeRwgfYEyCwxReEZRqSkHih2sMLF3Zs/ml4T6s3HZG4ROa4Twq7rcDGw==
content-length: 110248
x-fb-trip-id: 1904183273
date: Thu, 26 Jan 2023 10:49:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 810bf2bf9f302d0a65b1e0b447b549ef
d6ddcc1e64a1392f5942c0fc45864a282a93854e
f61096b63e6f62872d6d30aac7671c72403bba82f4f5c555add8e0997675f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 10:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/heatmap-dynamic-view.2361f5d42a90f8118dc1.js
54.230.111.93200 OK 2.8 kB URL HTTP/2 script.hotjar.com/heatmap-dynamic-view.2361f5d42a90f8118dc1.js
IP 54.230.111.93:0
File type ASCII text, with very long lines (9695)
Hash 4ca41baf053850f76b124f54633cf41d
9e327265aa1963d7477f6fd7c3b890a735368f6c
835b97d7071cd8f9d289241409cac03e67b1957116113cc3a848265a850f8aaf
GET /heatmap-dynamic-view.2361f5d42a90f8118dc1.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2828
date: Tue, 15 Nov 2022 10:42:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ca41baf053850f76b124f54633cf41d"
last-modified: Tue, 15 Nov 2022 10:41:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cXJY8zCEz3iFOr9wRBFtq0fE2YHjpJP6c5Mc9ouF1LB_yw2AnwX0Yg==
age: 6221262
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674730187190&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1674730187189&et=1674730187190&if=0
185.89.210.244200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674730187190&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1674730187189&et=1674730187190&if=0
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1674730187190&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&st=1674730187189&et=1674730187190&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 26 Jan 2023 10:49:49 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
54.230.111.4200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 54.230.111.4:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Thu, 26 Jan 2023 10:26:28 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8OclYjtKQz9l2jAkrqTXeNLemJZiJxwYyg71tpMEFr7_XtW_os1AMQ==
age: 1402
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1674730187361&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674730187359.1037972820&it=1674730187198&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1674730187361&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674730187359.1037972820&it=1674730187198&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=&if=false&ts=1674730187361&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674730187359.1037972820&it=1674730187198&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Jan 2023 10:49:49 GMT
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1887572684;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1137701334-1674730187279;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1674730187390;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=81171d32-5828-4c64-8357-d5270c562c62
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1887572684;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1137701334-1674730187279;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1674730187390;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=81171d32-5828-4c64-8357-d5270c562c62
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1887572684;labels=_fp.event.PageView;rf=0;a=p-qX80KJDWUUAcD;url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;uh=c01e09f08ededbc45b9ad672bcedbc187c138998ce6769347ba2885b0ac08fc2;uht=2;fpan=1;fpa=P0-1137701334-1674730187279;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=rizk.com;dst=0;et=1674730187390;tzo=0;ogl=title.Velkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino%2Cimage.https%3A%2F%2Finsider%252Erizk%252Ecom%2Fno%2Fwp-content%2Fuploads%2Fsites%2F5%2F2018%2F06%2F06-05-2019-Casino%2Cdescription.Hos%20Rizk%20f%C3%A5r%20alle%20nye%20kunder%20velge%20mellom%20to%20fantastiske%20velkomstbonuser%3A%20Sett%20i%2Clocale.no%2Ctype.website%2Curl.https%3A%2F%2Frizk%252Ecom%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644;ses=81171d32-5828-4c64-8357-d5270c562c62 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EJwBBgGSKAISAenPpw2e6bRu; expires=Wed, 26-Apr-2023 10:49:49 GMT; path=/; domain=.quantserve.com
mc=63d25acd-8b5bc-01e79-855ba; expires=Mon, 26-Feb-2024 10:49:49 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.241200 OK 532 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.241:0
File type ASCII text, with very long lines (375), with CRLF line terminators
Hash 6e704859d8324b1425ad95a8e85af2fe
f7741adfb1ba750dcc21f244c1f725661bc09d46
b6df70acf1bb652134f3e7f0f6e3cf69c53ba1d6488c5f8d0cb9d853c06e3271
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 532
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sun, 26-Feb-2023 10:49:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2218795936491731008
37.157.6.241200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2218795936491731008
IP 37.157.6.241:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=314440762420&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=2218795936491731008 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
37.157.3.20200 OK 506 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
IP 37.157.3.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c13d4f5f3e67751491d0fae71f97df8a
0361c880460756be558d47e47168f04a594ed84b
e287e28d6d0b57812f50298ca7b265d7cd4cd2ac00ba80ae70221c19ec4434f6
GET /serving/cookie/match?CC=1&party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
52.18.92.22200 OK 95 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/661774/visit-data?sv=7
IP 52.18.92.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 039d32f7359c34eee13f02bae640eff7
7550a24e404da6c533fa8597113eec17a6d55f4c
1874a3ed03bfe4289ca3a8cc3c495a498033ddb248a6fbdcdce02e70065eca54
POST /api/v2/client/sites/661774/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44369a627241523e4c1072642d968ce1
bbc608ce23c6fca27865967858b9a28438ab8b69
69e91b1c46a29147ba3c3dde85e011b5f9834599a98488e47c9b86db8abc8877
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:49:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 13:56:49 GMT
Expires: Tue, 31 Jan 2023 13:56:48 GMT
Etag: "bbc608ce23c6fca27865967858b9a28438ab8b69"
Cache-Control: max-age=442617,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f8af2a1c61b4f3-OSL
secure.quantserve.com/quant.js
91.228.74.244200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
Hash e5989cf746c5e02b44214594d65b2bb8
e41d06bb1189f0da3c03f9e1e44e97b9fff30f2a
8257b8a7153d723907f75ca76282fd8b160fa6f85247376d49518cb2881204ca
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
expires: Thu, 02 Feb 2023 10:49:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44369a627241523e4c1072642d968ce1
bbc608ce23c6fca27865967858b9a28438ab8b69
69e91b1c46a29147ba3c3dde85e011b5f9834599a98488e47c9b86db8abc8877
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:49:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 13:56:49 GMT
Expires: Tue, 31 Jan 2023 13:56:48 GMT
Etag: "bbc608ce23c6fca27865967858b9a28438ab8b69"
Cache-Control: max-age=442617,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f8af2a1f9db51d-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=61ae42cb-8b7d-42cb-92a4-3a14be55c37f; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=cfebee48-1ae4-4749-9fb2-a9db21e88ea2; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=ec472bf2-084b-4fd9-a453-8bcba3c806c0; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=fdc9aaa3-b461-429b-9ccf-5c7c5a0a95e5 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
18.196.140.228200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924
IP 18.196.140.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=81e3bed3-7050-4140-9110-1e81092fd924&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D81e3bed3-7050-4140-9110-1e81092fd924 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:50 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=cbf1935b-2437-47d6-beb4-8203ffbcfe55 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 1.1 kB URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
File type ASCII text, with very long lines (551)
Hash 8a8826c83e4a81f71a4189e1618dd561
f15b7f59cdd3078cc273b4bfa39e172d2eaa6166
e5e01d87eb2520999be28b0baf4e88ae0d52ecdba5fcbe11bde2ce1bbf1fce39
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 516
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f8af1e480db4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 44369a627241523e4c1072642d968ce1
bbc608ce23c6fca27865967858b9a28438ab8b69
69e91b1c46a29147ba3c3dde85e011b5f9834599a98488e47c9b86db8abc8877
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 10:49:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 13:56:49 GMT
Expires: Tue, 31 Jan 2023 13:56:48 GMT
Etag: "bbc608ce23c6fca27865967858b9a28438ab8b69"
Cache-Control: max-age=442617,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f8af2a1892b50c-OSL
x.bidswitch.net/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=29055105-30a9-42d3-b45c-57fe59754ae5; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674730190; path=/; expires=Fri, 26-Jan-2024 10:49:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=83d63efd-a648-430d-abd7-ba251b0eef00
18.196.140.228302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=83d63efd-a648-430d-abd7-ba251b0eef00
IP 18.196.140.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=81e3bed3-7050-4140-9110-1e81092fd924&cb=83d63efd-a648-430d-abd7-ba251b0eef00 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
18.196.140.228200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 18.196.140.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=81e3bed3-7050-4140-9110-1e81092fd924&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:50 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3e023abb96478bac24867312ee9da943
00a35b1d6f21d4871fdb50c5109f250e608a6586
fd7c69a9a21a5d849cf7d9d8cafb291120ea37e935a3ce172ccf2871494bd314
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155965
Date: Thu, 26 Jan 2023 10:49:50 GMT
Etag: "63d208fb-1d7"
Expires: Sat, 28 Jan 2023 06:09:15 GMT
Last-Modified: Thu, 26 Jan 2023 05:00:43 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mfheHFcev608Q39WdbYP5ypgfORfE30giuXts6ppr5-xXoP1zVYqng==
Age: 4112
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3e023abb96478bac24867312ee9da943
00a35b1d6f21d4871fdb50c5109f250e608a6586
fd7c69a9a21a5d849cf7d9d8cafb291120ea37e935a3ce172ccf2871494bd314
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 10:49:50 GMT
Last-Modified: Thu, 26 Jan 2023 09:42:10 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IvF4bqhN_t4_Y0B-u3jiGRudSmfELL4gyZC-FuNWEmtyOBxm0QD-Eg==
Age: 4060
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 10:49:50 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 10:49:50 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
52.29.44.9204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 52.29.44.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=81e3bed3-7050-4140-9110-1e81092fd924&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 10:49:50 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3e023abb96478bac24867312ee9da943
00a35b1d6f21d4871fdb50c5109f250e608a6586
fd7c69a9a21a5d849cf7d9d8cafb291120ea37e935a3ce172ccf2871494bd314
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 10:49:50 GMT
Last-Modified: Thu, 26 Jan 2023 09:41:20 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: C0u3G26U49uI6dMmwOmLtRJxw0lhU8iYIPpG3Fo9-NiDrC8qljVeGg==
Age: 4110
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.20.91:0
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-5db"
expires: Tue, 17 Jan 2023 07:13:47 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4624410
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14be82b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.123200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.123:0
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 10:49:47 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -glUTtKqTtCM17r3zVPelFdiKhiDE0jBiVyfaCN7jcj5EUaOxKRW1A==
age: 10
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.20.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
etag: W/"639b02c9-1c73"
expires: Sat, 18 Feb 2023 04:38:06 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 633586
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af186b8ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-661774.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 26 Jan 2023 10:49:05 GMT
cache-control: max-age=60
etag: W/27f49e73aeaa9722fb057d75f11b591a
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ujge9sP5QiHiwOknQU4i-BRw7mwCBm1Xe_rAxOSOGFVB3OVCExYmVA==
age: 44
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.124.175:0
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQPTVYB6YQTG70F9YZAJ6JV9-ams
cf-cache-status: HIT
age: 307
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1678ccb518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/MGA.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/MGA.svg
IP 104.18.20.91:0
GET /assets/img/footer/MGA.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1674730186
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
etag: W/"63b6a805-49ef"
expires: Mon, 13 Mar 2023 05:08:21 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 626465
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af186ba5b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/mustache.b0b33cad.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/mustache.b0b33cad.js
IP 104.18.20.91:0
GET /assets/js/mustache.b0b33cad.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jan+26+2023+10%3A49%3A45+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 18:14:52 GMT
etag: W/"63c9889c-186c"
cf-cache-status: HIT
age: 5482
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af1ba839b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.20.91200 OK 0 B URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.20.91:0
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 3597757
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14feffb518-OSL
X-Firefox-Spdy: h2
rizk.com/assets/js/base.b2f20677.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.b2f20677.js
IP 104.18.20.91:0
GET /assets/js/base.b2f20677.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 18:14:52 GMT
etag: W/"63c9889c-7b9bb"
cf-cache-status: HIT
age: 2745
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14eee8b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.149.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.149.64:0
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29522
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f8af1b5df3b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1500
expires: Sun, 29 Jan 2023 10:49:48 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 78f8af1c9d1eb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78f8af1769adb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.20.91:0
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 10:59:52 GMT
etag: W/"63761428-cdb"
expires: Tue, 17 Jan 2023 07:13:49 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4622131
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14be85b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/no/translations/selection
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/no/translations/selection
IP 104.18.20.91:0
POST /no/translations/selection HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 3581
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
set-cookie: Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; expires=Sat, 25-Feb-2023 10:49:47 GMT; Max-Age=2592000; path=/; secure; httponly
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af187bacb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.20.91:0
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Oct 2022 08:50:04 GMT
etag: W/"633e96bc-789"
expires: Tue, 06 Dec 2022 01:38:03 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 4619001
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14eee2b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/js/runtime.ab229b8c.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.ab229b8c.js
IP 104.18.20.91:0
GET /assets/js/runtime.ab229b8c.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 18:14:52 GMT
etag: W/"63c9889c-8fc"
cf-cache-status: HIT
age: 3196
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af14eee5b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
matomo.rizk-dev.com/matomo.js
104.18.14.144200 OK 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.14.144:0
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Thu, 26 Jan 2023 14:49:48 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 1378
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af1e2bc8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:49 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1501
expires: Sun, 29 Jan 2023 10:49:49 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 78f8af260c71b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
IP 35.190.43.134:0
GET /config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
access-control-allow-origin: https://rizk.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rizk.com/no/user/setOBtag
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/no/user/setOBtag
IP 104.18.20.91:0
POST /no/user/setOBtag HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jan+26+2023+10%3A49%3A45+GMT%2B0000+(Coordinated+Universal+Time)&version=6.39.0&hosts=&landingPath=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A1%2CC0004%3A0; _gcl_au=1.1.2084217200.1674730186
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/json
x-powered-by: PHP/7.1.33
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af1e8ba9b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1674730186
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/assets/css/base.css?1674730186
IP 104.18.20.91:0
GET /assets/css/base.css?1674730186 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:47 GMT
content-type: text/css
last-modified: Thu, 19 Jan 2023 18:14:51 GMT
etag: W/"63c9889b-50186"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af149e60b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/OneSignalSDKWorker.js
104.18.20.91200 OK 0 B URL HTTP/2 rizk.com/OneSignalSDKWorker.js
IP 104.18.20.91:0
GET /OneSignalSDKWorker.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ZBan=SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk; marketingproduct=Casino; PHPSESSID=lef0piogbjm2mlho5tt8cf423k; btag=a_10689784b_c_SRcmxYvJsi3UAb1ScDhOn2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; RizkLocale=no; Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 10:49:48 GMT
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 18:14:06 GMT
etag: W/"63c9886e-56"
cf-cache-status: HIT
age: 4896
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78f8af1b2f8db518-OSL
content-encoding: br
X-Firefox-Spdy: h2