voices-kerence.com/30dd3326-c6c0-4a25-8e0f-3b799f746e3d
302 0 B URL HTTP/1.1 voices-kerence.com/30dd3326-c6c0-4a25-8e0f-3b799f746e3d
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /30dd3326-c6c0-4a25-8e0f-3b799f746e3d HTTP/1.1
Host: voices-kerence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Tue, 07 Feb 2023 12:04:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://rbn-bc-7s.lptrak.com/redirect.aspx?pid=2059239&bid=6641&clickid=w5rcdnn1kk4g54fm24ldvmc2#popup-reg
Pragma: no-cache
Set-Cookie: 30dd3326-c6c0-4a25-8e0f-3b799f746e3d-v4=is7KofoUyc3lApNkhkpBMMxB0mjIOSgR6QN8F8Hm9eg; Max-Age=86400; Expires=Wed, 08-Feb-2023 12:04:31 GMT; Domain=voices-kerence.com; Path=/; HttpOnly
cc-v4=vzttA9GgpI5VisIunT%2F3vhKzFwrfua4QlqFApk4ijjMO1pOEEbJ9izqh%2Bu%2FdcR4MM5XjSyKc7w5hvPVDouc%2BYKouq96WaNhaSTfXO6JkEwGaOL5KGA1Z575wG73Lrn342o4A4rrApq1yklFFBUTlEA%3D%3D; Max-Age=31536000; Expires=Wed, 07-Feb-2024 12:04:31 GMT; Domain=voices-kerence.com; Path=/; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5218
Expires: Tue, 07 Feb 2023 13:31:29 GMT
Date: Tue, 07 Feb 2023 12:04:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12700
Expires: Tue, 07 Feb 2023 15:36:11 GMT
Date: Tue, 07 Feb 2023 12:04:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 11:34:08 GMT
content-type: application/json
age: 1823
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20420
Expires: Tue, 07 Feb 2023 17:44:51 GMT
Date: Tue, 07 Feb 2023 12:04:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hXxDWF/N3ruKygKOZOS6d4zy1YhspAu8W2zucOHVhpOCSm2hk7MMr9TgBqFzXqOLejqr7lcJRJJG6u2R9Dd98w==
x-amz-request-id: HWDVFDW2BEFXK0Z3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 11:35:30 GMT
age: 1741
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:04:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rbn-bc-7s.lptrak.com/redirect.aspx?pid=2059239&bid=6641&clickid=w5rcdnn1kk4g54fm24ldvmc2
307 Temporary Redirect 0 B URL HTTP/2 rbn-bc-7s.lptrak.com/redirect.aspx?pid=2059239&bid=6641&clickid=w5rcdnn1kk4g54fm24ldvmc2
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=2059239&bid=6641&clickid=w5rcdnn1kk4g54fm24ldvmc2 HTTP/1.1
Host: rbn-bc-7s.lptrak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://rabona100.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 07 Feb 2023 12:04:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 12:04:32 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a2059239%2c%22BID%22%3a6641%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675771472018)%5c%2f%22%2c%22CookieTag%22%3a%2266412059239451240919C202327124%22%7d%5d; SameSite=None;; domain=.lptrak.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22581665676%7c1%22%7d%5d; domain=.lptrak.com; expires=Thu, 07-Feb-3022 12:04:32 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=62
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 11:14:52 GMT
age: 2980
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3479
Expires: Tue, 07 Feb 2023 13:02:31 GMT
Date: Tue, 07 Feb 2023 12:04:32 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 1eaf5d4ffacaea378cf47060bd0e00c0
85f5461e5528df6d6e5ab3c07618a21aa562da03
55789ccf6ab5a072d1aa908159d3531f62aedbcaf2f6814f83af4e56eb18df07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100236
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:32 GMT
Etag: "63e122dc-116"
Expires: Wed, 08 Feb 2023 15:55:08 GMT
Last-Modified: Mon, 06 Feb 2023 15:55:08 GMT
Server: nginx
Content-Length: 278
rabona100.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
301 Moved Permanently 0 B URL HTTP/2 rabona100.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
IP
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641 HTTP/1.1
Host: rabona100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 12:04:32 GMT
content-length: 0
location: https://rabona.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
vary: Accept-Encoding
server: cloudflare
cf-ray: 795bfd168e290b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 1eaf5d4ffacaea378cf47060bd0e00c0
85f5461e5528df6d6e5ab3c07618a21aa562da03
55789ccf6ab5a072d1aa908159d3531f62aedbcaf2f6814f83af4e56eb18df07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=100236
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:32 GMT
Etag: "63e122dc-116"
Expires: Wed, 08 Feb 2023 15:55:08 GMT
Last-Modified: Mon, 06 Feb 2023 15:55:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nhEDO6kch5X0/uPyhfd7Bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0XN/XwXd0pRrjzbt+9fMETBOUxQ=
ocsp.digicert.com/
200 OK 278 B IP
Hash bee484218eecc6877c5461829f3fcd27
0de136372b9ee791375e5f60e4037ca8b76aa968
0820eae08513543650e16ce1d8c236bcebaaffdf3145b78447ee7dc04a6ed1c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121118
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:32 GMT
Etag: "63e1746e-116"
Expires: Wed, 08 Feb 2023 21:43:10 GMT
Last-Modified: Mon, 06 Feb 2023 21:43:10 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash bee484218eecc6877c5461829f3fcd27
0de136372b9ee791375e5f60e4037ca8b76aa968
0820eae08513543650e16ce1d8c236bcebaaffdf3145b78447ee7dc04a6ed1c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=121118
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Etag: "63e1746e-116"
Expires: Wed, 08 Feb 2023 21:43:11 GMT
Last-Modified: Mon, 06 Feb 2023 21:43:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0880c171f6c1061e1a2de7c892645c86
39b9c3eedf84507430791a2f17e03a4bc4b891be
e02180112a0dee98478682fa68ebef088ef1ca2cd3052ca783212478833151a3
GET /npm/libphonenumber-js@1.9.38/bundle/libphonenumber-min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.9.38
x-jsd-version-type: version
etag: W/"23e2d-8Ljb58fTcif9uN6WX1ki2pXIRm0"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Feb 2023 12:04:33 GMT
age: 1129774
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38325
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/dVi66-kaLJo
200 OK 12 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dVi66-kaLJo
IP
Hash e67c32428db48c1f2b1dc61a8ce422d2
75e838ad47172e67f11c7f25488b35a3fae3c7c5
118cc7054a8634b5318a041a8bab0346d944131e601ac9a913ff7d5148a99ff7
POST /s/gts1p5/dVi66-kaLJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 2.8 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash 183e4706b19fcc36e5f775db770dd753
0ea6372a5487334fddeb5551e6571b0d05aed3ad
a9dcf7ca9d4b89c4e4e9fbdc2a80bc7823725e8ced8c64d06395967acbbffbab
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:04:33 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8F11A4EC332F0A77FE9D05EC7EC68AC40DDA9B6E"
Expires: Tue, 07 Feb 2023 23:00:00 GMT
Last-Modified: Tue, 07 Feb 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3154
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bfd1b68020b06-OSL
www.googleoptimize.com/optimize.js?id=OPT-5GMTG8G
200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-5GMTG8G
IP
File type ASCII text, with very long lines (1812)
Hash f275a55c1057213b29ab886d0c133c09
23c1fb1bdbf64f07092e9834401af012a69fa57f
4c3909f50b23971572c1d821a6206e163646272d9ac466de1dce32fdcfeb0d9b
GET /optimize.js?id=OPT-5GMTG8G HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 12:04:33 GMT
expires: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/dVi66-kaLJo
200 OK 51 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dVi66-kaLJo
IP
Hash 2735c163a6f8c4a48e5628d73cd6e334
260398ab256615e819b04501a77809f71c0fadce
f2cb91836f46e4a3f705baf332ddde7b4387b9c578f1350c1c4c004cff20fc14
POST /s/gts1p5/dVi66-kaLJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T9SGLPZ
IP
File type ASCII text, with very long lines (9374)
Hash ba60f15b482f2ed8618e614ca18f2ad1
aee84eaceba8342c3049cc3c184d9a5842edab20
0923702ebbd1c23f552f80bcfbb5b0f8a20961b78353836b15b87ff13e62da21
GET /gtm.js?id=GTM-T9SGLPZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 12:04:33 GMT
expires: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
Hash 30b6edcc3409f1646f32ed267e85b8e6
e6b21fd23d7e681c752308fc8f3183b880339e30
a54cab15f818a90781b3e95de5ad8bacc5e636e3cc27cf1f383116cf55b7e53a
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
Hash 707db8794daf5cd8fc277833a2d62bc6
03b63ed7d3da73630814c2989ae03786fcb65918
dd4bfe669e1caa555b04d0ae8092b446ef6d4ca16a03ed95c7c4a7ba414a73db
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rabona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:03:45 GMT
expires: Fri, 02 Feb 2024 01:03:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 471648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,700;0,900;1,700;1,900&display=swap
200 OK 2.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,700;0,900;1,700;1,900&display=swap
IP
Hash 2044ff3be0298820ef80241e706c389f
66ff793e33d25eff276fdeb18a6d368ff26a7e86
1d7d81365f893273c01ff87d2555b6248b0bb9e6f11f04d1605ef5b80f4fb0fe
GET /css2?family=Noto+Sans:ital,wght@0,700;0,900;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 31 kB IP
Hash 9cf76030269f4dfa7d1d7e8c0ada379a
7f5ba1dab9a896e721a843e1d1eab96147170748
6362585fa7068091ae604be27fc9d5093c27c9efa365821182483d58b0fb573a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2248
Cache-Control: max-age=105015
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Etag: "63e12cc0-116"
Expires: Wed, 08 Feb 2023 17:14:48 GMT
Last-Modified: Mon, 06 Feb 2023 16:37:20 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 278
sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1675754763331
200 OK 116 kB URL HTTP/2 sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js?build=1675754763331
IP
File type ASCII text, with very long lines (64976)
Size 116 kB (116003 bytes)
Hash c1efaff0654c314aaf8f8ab532b601e6
76811fe9efe5fb2e698e2d072f102c9fd3f54754
171e90eb96175452ec9ac2c48afcbd2ced846f6c131d70e01638e0355a101900
GET /altenarWSDK.js?build=1675754763331 HTTP/1.1
Host: sb2widgetsstatic-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdulNb9jekia0qAxiePPLEAPg3Lc6mbokjpt8RkVBV1HANyBlCnR6usqUs850WzGVCN-zauASX7NAf7B5WlMFGvycv8rUPh_
x-goog-generation: 1675752416572078
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 116003
x-goog-meta-goog-reserved-file-mtime: 1675752398
content-encoding: gzip
x-goog-hash: crc32c=MWrQiw==, md5=we+v8GVMMUqvj4q1MrYB5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 116003
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Tue, 07 Feb 2023 12:04:33 GMT
expires: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: no-cache,max-age=0
last-modified: Tue, 07 Feb 2023 06:46:56 GMT
etag: "c1efaff0654c314aaf8f8ab532b601e6"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
200 OK 99 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_ibhcSa3J8o
IP
Hash 61e28f88017c044b9330de53e2ccbf93
06a026eeb043ce968217532027c26388e9abbcc8
0e0bf14527c2139ca2977d3b6c9e9803ea725b960dc5e213e5662beffa7a1669
POST /s/gts1d4/_ibhcSa3J8o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap
200 OK 94 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap
IP
Hash a24ec25dca64f05d0e44099f3407f5fd
3b0e189531eebc5cdb3eae0809027c06e625c81c
e2e32f090c77aa131fdfaa566204017c8bf77b0c8126f429c36337bd32cde884
GET /css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,500;0,600;0,700;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4511
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 12:04:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:57:41 GMT
age: 25612
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 51345
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dd67c975f1c1f91ca92f37c9e098231
b9096efb56b6e196b13722e767a9d2762737cbb9
39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8110
x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77JCFyzoAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zHo_IPM2j3t4prd4ZuLR7c-GPrWHxSxqSUprBxrT9n_DG8ySpkpb8g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 51483
etag: "b9096efb56b6e196b13722e767a9d2762737cbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -OEG4deGxPaXCxA16sr4s2uAcDTWyzDoXgCkUdwluUiYL-z55VQKwA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 06:11:48 GMT
age: 21165
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 62393
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 17327
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f5ab3bdbb5ebcebf9a163e0c85ab467
43f1c3de55e528c5be75895eb08b64840a0c8b95
d7c6e6ba9986867972fbc47f35dc823e3c78db46acf5292b6933e0f5760e47be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7C6E6BA9986867972FBC47F35DC823E3C78DB46ACF5292B6933E0F5760E47BE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10916
Expires: Tue, 07 Feb 2023 15:06:29 GMT
Date: Tue, 07 Feb 2023 12:04:33 GMT
Connection: keep-alive
zz.connextra.com/dcs/tagController/tag/a63e00208e85/landingpage
200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/a63e00208e85/landingpage
IP
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2769)
Hash 3427d22659808d56e41cf082dfe587b0
69945deb59e261d1b224561537d3de96aa0bdf66
e145931a8c8884c933c1143f63fa5b06bfa6603847e570a3b621a46a1f82fe22
GET /dcs/tagController/tag/a63e00208e85/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16603
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 2
cache-control: must-revalidate, max-age=300
expires: Tue, 07 Feb 2023 12:09:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 37899150369b4ffd57348d1126a304eb
4ffa0629fc41fd9ff178670cde2779d1668c42f1
752bac354fd9cfc6cb9f1b6938923e8ed1df08c8b7c242c4efbc5782cd439022
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1906
Cache-Control: max-age=116141
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Etag: "63e1598d-1d7"
Expires: Wed, 08 Feb 2023 20:20:14 GMT
Last-Modified: Mon, 06 Feb 2023 19:48:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 37899150369b4ffd57348d1126a304eb
4ffa0629fc41fd9ff178670cde2779d1668c42f1
752bac354fd9cfc6cb9f1b6938923e8ed1df08c8b7c242c4efbc5782cd439022
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1906
Cache-Control: max-age=116141
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:33 GMT
Etag: "63e1598d-1d7"
Expires: Wed, 08 Feb 2023 20:20:14 GMT
Last-Modified: Mon, 06 Feb 2023 19:48:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:04:33 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
200 OK 180 B URL HTTP/2 track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
IP
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /Serving/Cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c0c18b789b296a2b3cc9adb04c94e6f7
a0fa241f813c414178f5dffd30d5c2b82d16669b
95ec61ae9d1384fdbcee256ec441d6db4e3243ed3f8e1801b3607ce3c2e1e3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/p.js?f=sync&lr=1&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1
200 OK 5.2 kB URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1
IP
Hash a30fca12ff317a909e9b92e2ca5d5643
38839bb0b7215db251ff9380e775a817a9d29f26
6056146ab0bab7c5d82449e4a5d92045c6bfb1afa5b60c7e6e2278c146763b0b
GET /p.js?f=sync&lr=1&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Ld5dhQgAAAAANIx3lMwVJgCICAiwHXHTdQR9gif
200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Ld5dhQgAAAAANIx3lMwVJgCICAiwHXHTdQR9gif
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash 7bdf2364de563ef50d91381e7a66b98c
0799d06f4657573e00d2045d14e8a8248f5a0402
04c767ca0b2e8000884aeb8a3abf3b13625617a10dfcdf111d8653212432742a
GET /recaptcha/api.js?render=6Ld5dhQgAAAAANIx3lMwVJgCICAiwHXHTdQR9gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 07 Feb 2023 12:04:34 GMT
date: Tue, 07 Feb 2023 12:04:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 604 B IP
Hash fb1a81596b02612cee6513633d6e0012
b9579ea3fcaf7027924487a476f81b0b100367d4
81593828efdb5685b58da78e32b5d58b603103cdcaebb1c60c46660fef4fe584
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 11483
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 56 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
Hash 8788def5cc383e1d568ed247ced189f4
85f6bb2f54321ac9830af0f970508eca5f319d20
8ce29d92268051bafe7154f0374d613e1959090eddae08cd3e1f74d91a90ae9b
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Feb 2023 11:45:20 GMT
expires: Tue, 07 Feb 2023 13:45:20 GMT
cache-control: public, max-age=7200
age: 1154
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1&z=660578602
200 OK 736 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1&z=660578602
IP
Hash 24a3d12e2fb580dbc40f411fbb050135
82b03d1831c689d1fea9dd6bdabdf717eda9a1b1
793f2d0b501b9fe7908d3541485570d36395df691ea9fb3d1caf4f4b7501e475
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1&z=660578602 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 12:04:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.2fa327feea603eb929af.js
200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.2fa327feea603eb929af.js
IP
File type Unicode text, UTF-8 text, with very long lines (48770)
Hash 681cdc7ac90e7eb90a7a6b1feaa2a12d
6e17378a5b53ccf900328a200a30b0c364dcf45a
2c3876fd165b115f18f2336626fbc5b9189e59a3ac8914ddc739cfa799e56b2a
GET /modules.2fa327feea603eb929af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68048
date: Tue, 07 Feb 2023 08:59:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "681cdc7ac90e7eb90a7a6b1feaa2a12d"
last-modified: Tue, 07 Feb 2023 08:58:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VCQL-9ThTfFhDwIjdN-XDzYRKHE-U0m31U6ak9AueVdq9sMmi6pvAg==
age: 11129
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash cc4a5d01682c7760f49fd150f14e29bd
9b6c6527db793fe878f2e5061f0b127762468fbf
10bbc5c32e65bc11e85917a27ac6096e9a4343839f521a82e81433e7f635566e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 12:04:34 GMT
Last-Modified: Tue, 07 Feb 2023 10:39:52 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eLBjXRNO5hhwu-7ar978Gmmujc0OMYI-VT4ADr89zbOb7o_i3r9Vqg==
Age: 5082
manager.eu.smartlook.cloud/rec/setup-recording/website
200 OK 70 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 536ea6acc350b7cd088bb192cc72b759
9c01c4c8d9ee1839d8a6f547219baee07a7de63e
ffda52cd15f4fdd13595223661990ed34c1949a66b38d7a2c8fa02a0712a03e9
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://rabona.com
Content-Length: 122
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://rabona.com
Access-Control-Expose-Headers: Retry-After
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Tue, 07 Feb 2023 12:04:34 GMT
Retry-After: 3600
sl-trace-id: qWNLpuB39JRR4ruSA3PAP
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 70
Connection: keep-alive
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
200 OK 25 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
IP
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:18:18 GMT
expires: Tue, 06 Feb 2024 17:18:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/css
age: 67576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 11483
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 0b9ad574117ed1ec25281ac21316c080
9a39bd9dd29d7b2b21e43974ed11101e611116e1
2c15b75249430e499a69dc5ad0c314aa7e7d0a137f9a3c5bb6afc7cece8bda01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2603
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Etag: "63e1080e-116"
Last-Modified: Tue, 07 Feb 2023 11:21:11 GMT
Server: ECS (amb/6BA2)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0b9ad574117ed1ec25281ac21316c080
9a39bd9dd29d7b2b21e43974ed11101e611116e1
2c15b75249430e499a69dc5ad0c314aa7e7d0a137f9a3c5bb6afc7cece8bda01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2603
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Last-Modified: Tue, 07 Feb 2023 11:21:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0b9ad574117ed1ec25281ac21316c080
9a39bd9dd29d7b2b21e43974ed11101e611116e1
2c15b75249430e499a69dc5ad0c314aa7e7d0a137f9a3c5bb6afc7cece8bda01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=95824
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Etag: "63e1080e-116"
Expires: Wed, 08 Feb 2023 14:41:38 GMT
Last-Modified: Mon, 06 Feb 2023 14:00:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0b9ad574117ed1ec25281ac21316c080
9a39bd9dd29d7b2b21e43974ed11101e611116e1
2c15b75249430e499a69dc5ad0c314aa7e7d0a137f9a3c5bb6afc7cece8bda01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=95824
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Etag: "63e1080e-116"
Expires: Wed, 08 Feb 2023 14:41:38 GMT
Last-Modified: Mon, 06 Feb 2023 14:00:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
200 OK 28 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/cash-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash caf2e885906d6d25e4bfb3fbd2048463
ea8c3be612ac1b3ee18dae469a4208388ca788b0
d2dec97fc0ea9d58d4426672070c3f09d5a714451fd2bacff2aef9258211aa35
GET /crab/startscreen/cash-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/webp
content-length: 28536
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=29855
content-disposition: inline; filename="cash-crab-logo.webp"
etag: "630f1da0-749f"
expires: Thu, 09 Feb 2023 23:55:26 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 423911
accept-ranges: bytes
server: cloudflare
cf-ray: 795bfd24bc78b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/promo-text.png
200 OK 20 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/promo-text.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 31f9984a6ea4ab039d1ca2be44c40c51
fb0c9dd75d1362fa410877e485ec85c544516cfc
4ee9e1556bae45b29055f28591dc50d54943144a25377eb9ad73cc4b108ff9f6
GET /crab/startscreen/promo-text.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/webp
content-length: 20300
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=21490
content-disposition: inline; filename="promo-text.webp"
etag: "630f1da0-53f2"
expires: Thu, 09 Feb 2023 23:55:18 GMT
last-modified: Wed, 31 Aug 2022 08:36:48 GMT
vary: Accept
cf-cache-status: HIT
age: 423911
accept-ranges: bytes
server: cloudflare
cf-ray: 795bfd24cc91b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
200 OK 152 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__single_ball.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 152 kB (151608 bytes)
Hash dc8b0375858d38a5a251333a48e60709
1cbf60c6695c7fe37e90ec49c4ad50ff6fa744f7
60136a4825a2602ae8862ef79ac8d103bc069c507ea76a5699233e249fce82ea
GET /crab/backgrounds/start-screen-desktop__single_ball.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/jpeg
content-length: 151608
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origSize=154594, status=webp_bigger
etag: "623b0046-25be2"
expires: Thu, 26 Jan 2023 05:04:28 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 335818
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 795bfd24cc90b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
200 OK 34 kB URL HTTP/2 joxi.imgsrcdata.com/crab/startscreen/bonus-crab-logo.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash db1d31533283422abf8460024b0fa333
12951c08fcc92366278ce2a006f5f257ed9d6f02
b3894f9a38d87b7cb97a3c72744b34540e2d7d1dce7b65ca0e4281eae643f05d
GET /crab/startscreen/bonus-crab-logo.png HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/webp
content-length: 33602
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35463
content-disposition: inline; filename="bonus-crab-logo.webp"
etag: "630f1d9d-8a87"
expires: Fri, 10 Feb 2023 01:06:10 GMT
last-modified: Wed, 31 Aug 2022 08:36:45 GMT
vary: Accept
cf-cache-status: HIT
age: 423911
accept-ranges: bytes
server: cloudflare
cf-ray: 795bfd24dca0b529-OSL
X-Firefox-Spdy: h2
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
200 OK 125 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__animals.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124920 bytes)
Hash 6d37ce026529f6dbc461f0a9e779ed52
ee72985a64bfbbe9259d251148d3b6636cf7c948
370323d75ec8339ce5c5e7bdc8dce370701bb98adc28c180b176fca76a40afd3
GET /crab/backgrounds/start-screen-desktop__animals.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/webp
content-length: 124920
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=152171
content-disposition: inline; filename="start-screen-desktop__animals.webp"
etag: "623b0046-2526b"
expires: Thu, 26 Jan 2023 03:26:04 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
vary: Accept
cf-cache-status: HIT
age: 1869045
accept-ranges: bytes
server: cloudflare
cf-ray: 795bfd24dc9fb529-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 0b9ad574117ed1ec25281ac21316c080
9a39bd9dd29d7b2b21e43974ed11101e611116e1
2c15b75249430e499a69dc5ad0c314aa7e7d0a137f9a3c5bb6afc7cece8bda01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4600
Cache-Control: max-age=97972
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Etag: "63e1080e-116"
Expires: Wed, 08 Feb 2023 15:17:26 GMT
Last-Modified: Mon, 06 Feb 2023 14:00:46 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 278
region1.analytics.google.com/g/collect?v=2&tid=G-XF54YG8FKL>m=45je3210&_p=157349970&_gaz=1&cid=340169107.1675771524&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771523&sct=1&seg=0&dl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-XF54YG8FKL>m=45je3210&_p=157349970&_gaz=1&cid=340169107.1675771524&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771523&sct=1&seg=0&dl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-XF54YG8FKL>m=45je3210&_p=157349970&_gaz=1&cid=340169107.1675771524&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771523&sct=1&seg=0&dl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641&dt=&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rabona.com
date: Tue, 07 Feb 2023 12:04:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afe7db92a730b1a76bed3113f60da924
531e2ba6a5907332e9e77fdcc2d88da9adb5f703
04534a7ebb8a6583102a0a532496c38d09b744572f1d01a5da952ff4a2b9825f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
200 OK 150 kB URL HTTP/2 joxi.imgsrcdata.com/crab/backgrounds/start-screen-desktop__balls.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1080, components 3\012- data
Size 150 kB (150149 bytes)
Hash 1292a0631ae7d8704f8ca13b149fb57c
c98f5a6566a16a6eac69cc24fa12dbe3eb6e9b8f
02c32655984641c0f36fde93be7d8bf9c83ab69211f8ebf5e0ae94c2c7ddca8a
GET /crab/backgrounds/start-screen-desktop__balls.jpg HTTP/1.1
Host: joxi.imgsrcdata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/jpeg
content-length: 150149
cache-control: max-age=1209600
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "623b0046-24a85"
expires: Sun, 05 Feb 2023 04:43:39 GMT
last-modified: Wed, 23 Mar 2022 11:11:02 GMT
cf-cache-status: HIT
age: 589866
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 795bfd250ceeb529-OSL
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-XF54YG8FKL&cid=340169107.1675771524>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rabona.com
date: Tue, 07 Feb 2023 12:04:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ChnUowLIEvLV3Tt7IVfqG3iORyo4_rv1p-0_XBIOL45VoIOGhCToXA==
age: 341668
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1&ttl=&rurl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641%23popup-reg
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1&ttl=&rurl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641%23popup-reg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=aeac8351d5c346986dd0a94ccd11ef15059dbfb8ffb50dcca583397eb60b91d1&ttl=&rurl=https%3A%2F%2Frabona.com%2Fit%2F%3Fbtag%3D664926_E14B9769E0AF437E8D6BEEC65996A43E%26clickid%3Dw5rcdnn1kk4g54fm24ldvmc2%26MSID%3D2059239%26BID%3D6641%23popup-reg HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b3891a3cb7cc4feba4fd06f46d04630c; expires=Wed, 07 Feb 2024 12:04:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash b290b9265cacca740c7a8d31bd00ebc6
fc1b0ddb7d20f33312d0b8eee2f586617dfe19ae
ba8e4070932f96fd81dee29c00d030001d01507074603c6b49cc626e4f6d198b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Last-Modified: Tue, 07 Feb 2023 10:53:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afe7db92a730b1a76bed3113f60da924
531e2ba6a5907332e9e77fdcc2d88da9adb5f703
04534a7ebb8a6583102a0a532496c38d09b744572f1d01a5da952ff4a2b9825f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.zdassets.com/ekr/snippet.js?key=c54c017f-f217-47f5-a438-508cd2694b71
200 OK 22 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=c54c017f-f217-47f5-a438-508cd2694b71
IP
File type ASCII text, with very long lines (23416), with no line terminators
Hash cff25bc30bbb8a84fef181b8858050e3
3c1d885babad00d2e3cf78fdb545370cd203af54
2875723d36256914ab5ada3cbc8c03fcfe84fd3580a9c73fd47eacbbb02fc92a
GET /ekr/snippet.js?key=c54c017f-f217-47f5-a438-508cd2694b71 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:34 GMT
content-type: application/javascript
x-amz-id-2: VYKORFZEK8ncQjbBiiAK6oiTYdRdkzwPfaxRM/jinB20cI8N0LqXAF6x6uRMZJVhRKA1YH5Ltb2qBhbqYLdq5g==
x-amz-request-id: EBZ4ZRD66V3TGNXR
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F%2Fkk4WY8egEpVmOuHwZTVp7pkrn8yYOkfXlddYwQgHQjcBMS7bWXLL4P7grAg7tV1Ar1C%2F7%2FMBIvGWKC9OR9glliAG3HvgKITwmiFhWBG1%2BulT%2BSJ7rhYL1CslH%2F%2BcSwygH498%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd25ae5eb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700&display=swap
200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700&display=swap
IP
Hash 770f8d8d1ba0c885ab3b988d9a9c47c8
e2b8644acfa9051176cac374aef747ec4a675899
1bd2b83e87005181884b7cd5b2c43418bb2d6a72d5c9cc17ef62b83b87d9280a
GET /css?family=Roboto+Condensed:300,400,400i,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash e23a75c4927d0f97ccdddded34464ec1
3531c89a3037dd7e05e616e974b13be80c7e1420
ade9e89c2e23e46992c1c876ad2eec6fe8fdbc67810329fca90ac6176c6070be
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 12:04:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 06 Feb 2023 21:40:51 GMT
Expires: Tue, 07 Feb 2023 21:40:51 GMT
ETag: "3531c89a3037dd7e05e616e974b13be80c7e1420"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
Hash 06a99e3245ff2a52dfed85373880f4db
6c7a5e1de7c3e5408bf9586b394ea00e7ad37f27
6accd169bf2e3ac9d934c44180071caf7d12580cadee6d0c96e1f99062455571
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rabona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 16:02:58 GMT
expires: Mon, 05 Feb 2024 16:02:58 GMT
cache-control: public, max-age=31536000
age: 158496
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
IP
Hash 125501fdf34434f4e71f30a08d957266
bcca0d2cfd9bf824bbb1322719a09a0a2b6c1b1d
65cd536248f66abbe6769d1644ed7c030f4267b764db942e82b1e0acd98c6fb2
GET /s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rabona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:39:06 GMT
expires: Sat, 03 Feb 2024 09:39:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:55:05 GMT
content-type: font/woff2
age: 354328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
200 OK 19 B URL HTTP/1.1 logs-01.loggly.com/inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b5efa112ce475f8bf73086a68521ea2e
4c4e7a9e8feb3e4595b4baf2db4466df001afa61
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
POST /inputs/debbc84e-6972-4a5b-b44d-b1c38acfc61b/tag/crab-sdk-logger HTTP/1.1
Host: logs-01.loggly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 12:04:35 GMT
Content-Type: text/html
Content-Length: 19
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
zz.connextra.com/Rabona/dcs/tagController/tagData/a63e00208e85
200 OK 6.9 kB URL HTTP/2 zz.connextra.com/Rabona/dcs/tagController/tagData/a63e00208e85
IP
Hash b0d05470a52263413f82a91ec5603ef3
2f3e81554d042493caf72cc54e32803498cabc9d
9906c5577b3cf7f5c19be21d3d6c3f641af56761eeefdfbf07d9b4c44a1dd937
POST /Rabona/dcs/tagController/tagData/a63e00208e85 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://rabona.com
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Tue, 07 Feb 2023 12:04:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 12:04:35 GMT
content-length: 20
set-cookie: CxtId=893073b3-d0fa-447e-ade7-22e2e216dc7b; Domain=.connextra.com; Expires=Thu, 06-Feb-2025 12:04:35 GMT; Path=/; Secure
Rabona=P%7Clandingpage%7C1%7C202302071204; Domain=.connextra.com; Expires=Wed, 07-Feb-2024 12:04:35 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1608151&mt_adid=257132&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
200 OK 1.9 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1608151&mt_adid=257132&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP
Hash 045a2ef6db60a57103538a447e298481
dbde6d123bf2a5ccb941a95e702affd982200c37
7e069babf045af7f5d2c537e557ec63069a3bdab3ae24248ae960ccd067b65c0
GET /event/js?mt_id=1608151&mt_adid=257132&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 441 9053ffc master ord-pixel-x53 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 07 Feb 2023 12:04:34 GMT
Date: Tue, 07 Feb 2023 12:04:35 GMT
Connection: keep-alive
Set-Cookie: uuid=e1a463e2-3e54-4f00-b4ec-97e3bc4acb59; domain=.mathtag.com; path=/; expires=Wed, 06-Mar-2024 12:04:36 GMT; SameSite=None; Secure
ocsp.digicert.com/
200 OK 8.6 kB IP
Hash 6103656e222f1ee685aaea60af1167ba
230c5c54552ea95460eef7f640f3550c0d408699
bd694a37575f3d4992b87257d6ab67103e105f9668a0c284d1526f1e18b4574c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:36 GMT
Last-Modified: Tue, 07 Feb 2023 10:16:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 07 Feb 2023 12:04:36 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 441 9053ffc master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=424563e2-3e54-4d00-b9db-a67291a5b121; domain=.mathtag.com; path=/; expires=Wed, 06-Mar-2024 12:04:36 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/424563e2-3e54-4d00-b9db-a67291a5b121
Expires: Tue, 07 Feb 2023 12:04:35 GMT
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 12:04:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 93b1e690-03cb-4d9b-97f6-7dfe88cdfe4e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=31192071&t=2
307 Redirection 8.3 kB URL HTTP/1.1 secure.adnxs.com/seg?add=31192071&t=2
IP
Hash a5b97baec464f2668de8add5b10640c1
03bd45ac2e973e7eda2b0289841cae1a1ec587a4
03c0858e4b6d0bf2bdf86b775eec23556355441b080328f56dfcc88b9389f313
GET /seg?add=31192071&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 12:04:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192071%26t%3D2
AN-X-Request-Uuid: d49e1bca-f598-4bf3-a1bc-16d6294de757
Set-Cookie: uuid2=6766629915062014829; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 08-May-2023 12:04:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2dc9b41302a3015664d6727009c18e7d
0586ece9a82df5d538fd6c8b1db98fc7890ca720
280e115b1c43b4d24757f25bff49128a2f086e16c0df7a49285d49771b31f845
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 12:04:36 GMT
Last-Modified: Tue, 07 Feb 2023 11:24:53 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XDILXpPo-ZOdO_s2IH7zY9wqA52YZUe4Qfwq5YkiMKgvmoVqvf_2nQ==
Age: 2383
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ec8d5b108e0860127a0e8540a9d5c4be
245d349b091cbea8c3178d95f1be96ca375fa4c3
9e8503368745b817626ea323186bd180981629332007f3349d89ba278b95de38
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 12:04:36 GMT
Last-Modified: Tue, 07 Feb 2023 10:32:03 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: neQEn-3w-zv-EIcZe0U8LkbZb1bnr2DRbjm4NjcXELxkoEAsvOjaEA==
Age: 5553
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=
303 See Other 909 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=
IP
File type Applesoft BASIC program data, first line number 92\012- data
Hash 958b9ff4174942d4bf947176a356c344
a7cbf191d2e41df239cf8a8801e2123cd0196b29
ae3d293ac96a86ac874306f73257f70e6e07d3d6226f138bd43af9f976d57fc4
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 07 Feb 2023 12:04:36 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 07 Feb 2023 12:14:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports
303 See Other 8.9 kB URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP
Hash 48b5a318d5bb594365bd48c39e493f67
269e354c5910e23767b1e9e5cb5f1161aad35789
96153d98ec9372753c0f361a755d27eb463e072ba1b4d47f21860a1c5bc4c794
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 07 Feb 2023 12:04:36 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 07 Feb 2023 12:14:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/sync/iframe?mt_uuid=e1a463e2-3e54-4f00-b4ec-97e3bc4acb59&no_iframe=1&mt_adid=257132&source=mathtag
200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=e1a463e2-3e54-4f00-b4ec-97e3bc4acb59&no_iframe=1&mt_adid=257132&source=mathtag
IP
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=e1a463e2-3e54-4f00-b4ec-97e3bc4acb59&no_iframe=1&mt_adid=257132&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 441 9053ffc master iad-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 07 Feb 2023 12:04:35 GMT
Date: Tue, 07 Feb 2023 12:04:36 GMT
Connection: keep-alive
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192071%26t%3D2
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31192071%26t%3D2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D31192071%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 12:04:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d5a251c1-fec5-40e5-8d4a-14b7e57cebdc
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVIpNZi5!]tbP6j2F-XstGt!@DZ8$hMd); SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 08-May-2023 12:04:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
vc.hotjar.io/sessions/2145302?s=0.25&r=0.24609623274649373
204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2145302?s=0.25&r=0.24609623274649373
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2145302?s=0.25&r=0.24609623274649373 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 07 Feb 2023 12:04:36 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TuilV0nJU9bB2xObhaI5_eu526as-xaAbkBSfv0C0-SoZWSWeZDbxQ==
X-Firefox-Spdy: h2
zz.connextra.com/sync/data/uid/6c883bd680/424563e2-3e54-4d00-b9db-a67291a5b121
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/424563e2-3e54-4d00-b9db-a67291a5b121
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/424563e2-3e54-4d00-b9db-a67291a5b121 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Tue, 07 Feb 2023 12:04:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 12:04:36 GMT
content-length: 64
set-cookie: CxtId=fc750a17-2eb7-4807-af93-a5ac6a882f19; Domain=.connextra.com; Expires=Wed, 07-Feb-2024 12:04:36 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C424563e2-3e54-4d00-b9db-a67291a5b121; Domain=.connextra.com; Expires=Wed, 07-Feb-2024 12:04:36 GMT; Path=/; Secure
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=&_bee_ppp=1
200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=&_bee_ppp=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1788&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 07 Feb 2023 12:04:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 07 Feb 2023 12:04:36 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 441 9053ffc master iad-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Tue, 07 Feb 2023 12:04:36 GMT
Date: Tue, 07 Feb 2023 12:04:37 GMT
Connection: keep-alive
Set-Cookie: uuid=247c63e2-3e55-4400-9a4f-26c369aa9d7b; domain=.mathtag.com; path=/; expires=Wed, 06-Mar-2024 12:04:37 GMT; SameSite=None; Secure
zz.connextra.com/sync/data/uid/508a5e2dd5/
200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Tue, 07 Feb 2023 12:04:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 12:04:37 GMT
content-length: 64
set-cookie: CxtId=cda3938a-872b-4f45-b19b-ac71439b0ce4; Domain=.connextra.com; Expires=Wed, 07-Feb-2024 12:04:37 GMT; Path=/; Secure
X-Firefox-Spdy: h2
rabona.com/socket/?lang=it&EIO=3&transport=websocket
101 Switching Protocols 20 kB URL HTTP/1.1 rabona.com/socket/?lang=it&EIO=3&transport=websocket
IP
ASN #209242 Cloudflare London, LLC
Hash 537300638bc39871fab6549a3bf7f1a6
b63190927686132f594671759fae7ad610c3da89
ceeff9cb9411d27ee7a16b1d61ed293f4f4c0c6496adb6e50c6d8c509dce67ba
GET /socket/?lang=it&EIO=3&transport=websocket HTTP/1.1
Host: rabona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rabona.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KH2sqV8SqXh0WZ6Mvy78/A==
Connection: keep-alive, Upgrade
Cookie: _cf_reyid=fKj4xWG0Uqy8Pkm4dtqcgcsmVBLX6XFlnPj823bBY0kWwZPCi6jZyHhW+jQP7w1Y; data=69a8299bea2a521aa2d653ac9d85f264; _ga_XF54YG8FKL=GS1.1.1675771523.1.0.1675771524.59.0.0; _ga=GA1.2.340169107.1675771524; _gid=GA1.2.583348112.1675771524; _dc_gtm_UA-151907223-1=1; _hjSessionUser_2145302=eyJpZCI6Ijc2YmMxZjQ1LTA1ZTEtNWI3OC04OWMyLTY0YzY0N2U4M2IwNSIsImNyZWF0ZWQiOjE2NzU3NzE1MjQwNzAsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2145302=eyJpZCI6ImMzZTVkNTk5LThiNzktNDE0ZC05NGExLWI5MmUzYTY0ZGQ1YyIsImNyZWF0ZWQiOjE2NzU3NzE1MjYxMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 07 Feb 2023 12:04:37 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ui6dqQzHchL9UK8VE/o6WOtrZtI=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bfd356e6ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
200 OK 278 B IP
Hash ffbdc1db4ecd2ae1a2dc5df19c066127
c5348dd2106767c3bbac03cf4e58e55e1506702c
95ce75046b8cfaf397c1be48e84bf8c861884a5ac3b7d72f5ff100252f8d8a2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:04:37 GMT
Etag: "63e0df34-117"
Server: ECS (amb/6BA2)
Content-Length: 278
1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
200 OK 68 B URL HTTP/2 1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: 1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Wed, 11 Jan 2023 19:26:36 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: njwadZkcEsi44Yat77HPgXx_RKA5fGaO94Zt6NQMklmqxepwf_kUlA==
age: 2306282
X-Firefox-Spdy: h2
1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com/sealassets/df8b9dd93c4ac3000ed6796d0e8a8a10-rabona.com-edea40ffba5cac603746bd0143c8e8411d0becc6db4fecc9bfc06c65429f150619be5882a108cd58b459e8371ef4743a-c2VhbC5wbmc%3D?status=valid
200 OK 46 kB URL HTTP/2 1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com/sealassets/df8b9dd93c4ac3000ed6796d0e8a8a10-rabona.com-edea40ffba5cac603746bd0143c8e8411d0becc6db4fecc9bfc06c65429f150619be5882a108cd58b459e8371ef4743a-c2VhbC5wbmc%3D?status=valid
IP
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/df8b9dd93c4ac3000ed6796d0e8a8a10-rabona.com-edea40ffba5cac603746bd0143c8e8411d0becc6db4fecc9bfc06c65429f150619be5882a108cd58b459e8371ef4743a-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 1112faac-822b-4135-a749-0cd834e376f7.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Tue, 07 Feb 2023 12:04:37 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795bfd369b0b39e8-FRA
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XP8kdL2vnaQnUI5cE4KUqBemgWEDbQ5Xf9j7crdcOwpjQs8DbdbO9Q==
X-Firefox-Spdy: h2
rabonasupport.zendesk.com/embeddable/config
200 OK 406 B URL HTTP/2 rabonasupport.zendesk.com/embeddable/config
IP
File type JSON data\012- , ASCII text, with very long lines (715), with no line terminators
Hash 91659507bf9e5706c6f14aa78af997e7
df146e316e5683a21a974d2fc1e7324fd33ec661
0ebdd1d719dbcf5bc28603100445df5708fb637cbb1c958eb74143a69f458bce
GET /embeddable/config HTTP/1.1
Host: rabonasupport.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rabona.com/
Origin: https://rabona.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-56d68c947b-6hjst
x-request-id: 795bfd367a41b527-ARN
x-runtime: 0.001808
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Tue, 07 Feb 2023 12:00:58 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiShAPcRH9wyRLUKkcPlXtU99OsTZCdZgUrUkq5677UqK08KNPbqVfRjbohbehLIfhEVNl9Ja7n5ezsVjCFFIXchRB6uRitGKq9s%2FxpRPnHF0WyPmYgMxzcx2RmZq97VYSUOoHwTVSBuj4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=cb1c4ecf7233cc76863b8a523fa1837225c402c5-1675771477; path=/; domain=.rabonasupport.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 795bfd367a41b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-8a6a509.js
200 OK 6.0 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-8a6a509.js
IP
File type Unicode text, UTF-8 text, with very long lines (25838), with no line terminators
Hash 3caab0ad30889892ba6ea5f794712095
6f62e8d82bcf2bd2f0a8db0e58915ce1eb1cbc2a
a2775cd2b8e7c9d25651a8f6d422f8b28775c2b1fb842cc9589195e71156f41b
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-8a6a509.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: JyXQMFAIApPwmax3o9Ie/7KnsTohFErpavYJockVLQQ3LA0xUf3xUBTLCRL9PglxL0wAjOh+WEQ=
x-amz-request-id: WYQB6MYMEHNG1NQX
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:40:43 GMT
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:40:42 GMT
x-amz-version-id: cqMx6mePo_.KI9mJ_ZskmLWluAmdthB9
cf-cache-status: HIT
age: 105127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKcwHQu64Yt9Kqx9FsamtgUV5ewAP4yeKwnYdSWNV6PXflHAiotaL2XnlX%2BblQMDVHm3INjisQULqyHtgFeD9AJhkbQWxhCwa99IgkCMTc3aDlTY%2BQ4HBDNdxicPUU%2FYdBxizfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd39596cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-8a6a509.js
200 OK 52 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-8a6a509.js
IP
File type ASCII text, with very long lines (65307)
Hash f63f34d389e52a8fefc27db549cf00c3
77b197c920a8e44681c51fe7e3dd2f5d58a7db4d
ee9ec6646a89ad5993d5e0362ef291a07330a6106e10347a3da77d377eaff76a
GET /web_widget/latest/classic/web-widget-chat-sdk-8a6a509.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: H/SI0O3MCHA2NdumLOJwajxGBQ+AGMtNyE9ZZcrMVjkN9Efp1RF3oszIVSwbTV3+bWaH4IXspVI=
x-amz-request-id: W4FV6JZ749QHQF0F
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:40:42 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:40:41 GMT
x-amz-version-id: 8FT3f3PK2d.E1qtgTkMBYvZiIjwdVgHk
cf-cache-status: HIT
age: 105128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8M6ytGrNFOYVH7Eu%2Fgq3CDU5FILLbjxxVzmlYZi0x6VdgLrfU06UXFqhtMPkwwg3DMuqpbHRgL244%2Fyd6S0dUH1qsNyywF1TnKn8arSVQbduNqFAaYSq%2FW2oeq%2BRwiz%2FA4iIJNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd39c9e9b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 20 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash f11ce9e8f40a392830217253fe75d6de
89ba57fcc360da34756c127acba15a8b23267fc6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 07 Feb 2023 12:04:39 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: g87hI3qvp6u/eYrvF5ekvnlnd/ZKIURFxO017tHaVZdhHodAb1MX6TjMAHxlaiIHpETLXLY/I+c=
x-amz-request-id: X429XSBWRFS5FTSC
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 09 Mar 2023 06:43:04 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
age: 2739048
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do8uVi%2Fb9n%2FhaXpM43cvaKkoRx27X0G1WJmrtO0Jzz6QZGoPQ9%2BE3I0h7NJXHuD%2BNApJdTqqM2QINDlGoB7eJIyqFxWcvUyoulZ82Y6BVRAJJcry4O%2FiT13mGUkivUf9w1LEh3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd451a58b51e-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-8a6a509.js
200 OK 194 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-8a6a509.js
IP
File type ASCII text, with very long lines (65307)
Size 194 kB (194095 bytes)
Hash 79674a810b16d6f2ad77545b99c4b585
670810d89557d4af18ed3a0d47cfc88f1ce5fdba
3e55ad831fb2cad1fc3f758fa15b9ff33ee0e62a9067f28d3d1d2933ade578e7
GET /web_widget/latest/classic/web-widget-8165-8a6a509.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: lxOrAmvQiKM1F2EiPkzKL4OzRj5uoHkxJNsPMpw3XzL8LftWty26J0GiBffbXzZJ2b6tH9ExJrw=
x-amz-request-id: WYQ4XEV8W8HGCR76
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:40:42 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:40:41 GMT
x-amz-version-id: d8_vAjXcrHUlgQmyJ_IKv1tU7fPJQy7c
cf-cache-status: HIT
age: 105128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiSHSigV6uHj4HeB0TmIRwsudscyKqQQroRBAwCzZ1eZW3sEZk0n9icVBoB%2BOfo5EfLqUPOdrRSa6vKdOnrrEquucjbD%2B7fCMjsYU8IzGw19P21CAYIYspPFYVlg8e4MqrjLOU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd375e52b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;700;800;900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;700;800;900&display=swap
IP
GET /css2?family=Montserrat:wght@500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@800&display=swap
IP
GET /css2?family=Jost:wght@800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500;600;800;900&display=swap
IP
GET /css2?family=Montserrat:wght@500;600;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2145302.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2145302.js?sv=6
IP
GET /c/hotjar-2145302.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 12:03:49 GMT
cache-control: max-age=60
etag: W/3a76463d462c4683c22bbfb0bbdd1079
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IPhks-fNEMI-9K42quCu0_6TBnEraQr-GNtvFs8QXWOl6Z5tJ1d75w==
age: 46
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Skranji:wght@700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Skranji:wght@700&display=swap
IP
GET /css2?family=Skranji:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb2integration-altenar2.biahosted.com/api/Integration/rabona?build=1675754763331
200 OK 0 B URL HTTP/2 sb2integration-altenar2.biahosted.com/api/Integration/rabona?build=1675754763331
IP
GET /api/Integration/rabona?build=1675754763331 HTTP/1.1
Host: sb2integration-altenar2.biahosted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:33 GMT
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795bfd1e6ac70b39-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-4d3f4cd196c41eafe101.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-4d3f4cd196c41eafe101.js
IP
GET /web_widget/latest/web-widget-framework-4d3f4cd196c41eafe101.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: LZ6W7uflFb12PAk3+SegA3iWKVmuv+Lnqdw1wCnSTyvDyI9ME2pn7Td1aVKGe5wPxgZkpnZBK/8=
x-amz-request-id: WYQ5X79NETTR3Q53
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:37:59 GMT
etag: W/"c6e13551db1de5565b0fefbb38353422"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:37:58 GMT
x-amz-version-id: aoc92yrT5ZEGLTS2Qgzm.R9bUBtGWfYc
cf-cache-status: HIT
age: 105128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRLoxloNMZyMzgFi0dTDHTY2%2BS9%2FAJCCYira9VG263T2%2FbMhsB4FMVS4Xhr8V5DG%2BaQ2xRrc2ERZLbu1ea1pAjzq8rRLPiUcOAnsiBuzLvI1D5nhrbU36m%2FL8aO9lp5b7IE3%2FGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd338935b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
rabona.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
200 OK 0 B URL HTTP/2 rabona.com/it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641
IP
ASN #209242 Cloudflare London, LLC
GET /it/?btag=664926_E14B9769E0AF437E8D6BEEC65996A43E&clickid=w5rcdnn1kk4g54fm24ldvmc2&MSID=2059239&BID=6641 HTTP/1.1
Host: rabona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:32 GMT
content-type: text/html
cf-ray: 795bfd1918120b59-OSL
last-modified: Tue, 07 Feb 2023 11:51:23 GMT
set-cookie: _cf_reyid=fKj4xWG0Uqy8Pkm4dtqcgcsmVBLX6XFlnPj823bBY0kWwZPCi6jZyHhW+jQP7w1Y
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: null, Accept-Encoding
cf-cache-status: DYNAMIC
cf-ttl: 1675771532963
content-security-policy: frame-ancestors 'self' rabona.com m.rabona.com
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/c54c017f-f217-47f5-a438-508cd2694b71
200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/c54c017f-f217-47f5-a438-508cd2694b71
IP
GET /compose/c54c017f-f217-47f5-a438-508cd2694b71 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rabona.com
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:36 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"4db172c43741bf6cb55e23d37f2d6347"
x-request-id: 795201f15fdad98d-SEA, 795201f15fdad98d-SEA
x-runtime: 0.002106
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9opzWlQ7rDRAYN1IzCB2N5et%2FBWhq%2BXXEgV2IGiA1aJOztTVduk0BjU89F4cnhKrCGhyAImMegN3JI1y28tOATNOAe4NLRA8kQR9SdAK7kxl4kH4ijxh%2Fb3rnNAfzamevC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd3019f5b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-8a6a509.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-8a6a509.js
IP
GET /web_widget/latest/classic/web-widget-classic-8a6a509.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 9sgxbFo4s920gUx0lzbv4KbDW2IVU0cLwGh8IFjs7s7L5FPd7PzLieIsHsmH/JHFmsAGuln4RFA=
x-amz-request-id: WYQFMYQF8NSM0X1E
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:40:42 GMT
etag: W/"8713cc1ea67a213b3368c62c47f3af36"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:40:41 GMT
x-amz-version-id: NnT5jEA2g14n4aK1JcBhR7IHnWIF5WDd
cf-cache-status: HIT
age: 105128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9F3ZSi39N8Lku2qpWn9NMrOdMovMuj6dm8RSVZ1Im1r829XO1g3ojOA1fjh%2FFFeKF82Y%2Fiz1n6Meea1hPmcXbZZ4%2BfncSZWMVyDmts%2FwtU8eKQc5eO%2FC0p%2Bua3dbj9uXi57PFq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd371df2b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-8a6a509.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-8a6a509.js
IP
GET /web_widget/latest/classic/web-widget-5324-8a6a509.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: WmtRR1189mXDJMkJjDGUCORgQdiD9PF7D5bFRVs+4FCoO4u+YIN8yee6R45C2mBooS8PicWASwE=
x-amz-request-id: WYQ9XNV1H65RADD0
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Feb 2023 04:40:42 GMT
etag: W/"62b83d1cb2207b5e655a9fb36ca83fef"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 04:40:41 GMT
x-amz-version-id: Y8kjdnuuhMXQULKzbx3ZD_IvpELAImAJ
cf-cache-status: HIT
age: 105128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fagzXqAADptMsc3nndLcxIv6DSzq64Jft%2F4VHeiV5q%2BE0b30jw5Y39r%2FwrdEsasQD10S%2Fh1haSaMaVwDzNNH0MtfqCN2jr0cX8KxFKBIJUrNXwChH4AKdt9VOFscH90be0wpqrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 795bfd375e55b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
200 OK 0 B URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:04:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r3vBq8zJ-CY-NYQu_l7H4C5pSplwPeCF8zFIyJyqVW6saqZZag2g2w==
cf-cache-status: HIT
age: 760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5IXiedXtQ1zr5nN7aNXuG%2FqfhZXXnmOp%2FYDd0MlTLtMlegMimRuy8Y%2B4aU8kSZm5SfaFQo%2FbItf7AopTeV5f8hvj6jSBlDNMIJFdZ7qW1pTBb%2BFfunZfS5ImRZPocFG0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795bfd1b6ce21c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Pacifico&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Pacifico&display=swap
IP
GET /css2?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rabona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 12:04:33 GMT
date: Tue, 07 Feb 2023 12:04:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
18.193.209.105
93.184.220.29
216.58.211.4
23.36.77.32
45.8.106.46
104.18.72.113
52.48.182.47
188.114.96.1
37.157.3.28