Report - ss.redirectsstm.click/go/22d57c99-2f2b-4409-9968-0c68fe2666c7

Report Overview

Submitted URL
ss.redirectsstm.click/go/22d57c99-2f2b-4409-9968-0c68fe2666c7
IP
3.70.16.242
ASN
#16509 AMAZON-02
Submitted
2022-09-20 16:11:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	681 B	139.45.195.8
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	51 kB	142.250.74.72
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	2.3 kB	172.64.166.38
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	970 B	175 kB	151.101.86.248
ss.redirectsstm.click	378400	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	2.8 kB	3.70.16.242
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	8.0 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	338 B	157.90.33.78
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	972 B	459 B	91.228.74.208
eu.gotbstgifts.click	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	870 B	637 B	164.92.232.111
open.spotifycdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	128 kB	151.101.86.249
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	831 B	34.98.74.57
i.scdn.co	1162	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	131 kB	151.101.86.248
secure.quantserve.com	973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	11 kB	91.228.74.208
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	747 B	143.204.55.81
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	971 B	2.2 kB	104.22.3.238
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.3 kB	35.186.224.17
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	93.184.220.29
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.9
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.240.207.158
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	38 kB	1.5 MB	104.22.31.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	21 kB	142.250.74.174
megalotto-img.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	881 B	116 kB	172.64.149.99
open.spotify.com	3062	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	491 B	827 B	35.186.224.25
ungroudonchan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	1.6 kB	139.45.197.238
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.76.226
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.5 MB	104.18.38.157
edge.fullstory.com	2769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	64 kB	35.201.112.186
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	417 B	35.186.194.58
7ktpj.bemobtrcks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	1.2 kB	3.70.16.242
sentry.io	2743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	404 B	35.188.42.15
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	54.230.245.231
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	425 B	37.157.2.247
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.3 kB	37.157.6.247

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-20	medium	ungroudonchan.com	Sinkholed
2022-09-20	medium	ungroudonchan.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	www.megarush.com/js/index.94a008e8.js	1.4 MB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/index.94a008e8.js IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:42 Times Seen1 Hash f00870c1f312d6ce57cd7201de92a418 c33eb3a71a78416d53cd8ba09b505e181aacf22a 7a5cb32a27e1b23ef27215c5960ea8364d85fea97b2d5b6dc96d98d7e947040f Loading...

	edge.fullstory.com/s/fs.js	251 kB	2023-03-07	2023-03-17
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:50:46 Times Seen1 Hash f3e4c056a560d0a69450b1bcf8e21b7b 69e4e577d43b77da007f0bb0ca11d305ec907bc6 647c61b085ea098e8b5d6c0498c18e97bd9cc858ec3e6763cd16cb64d61c47f8 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js	742 kB	2023-03-07	2023-03-17
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:00 Times Seen1 Hash e2c1f7007e3e0736755c5d6a759b2169 276a669ea417934419a460db6babd4efc57ec3c1 adb439745c010da06612603d814f28d530f1563feafeb7900900b7a6341dedeb Loading...

	secure.quantserve.com/quant.js	27 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.208 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49:11 Last Seen2023-03-17 12:55:49 Times Seen1 Hash 78ddecc5281a6afd31e701cbc4607581 91f15c2f3080ddccb4aaddcbaceeb6cfc462771b 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=769974502578&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6F000105B5F4064B07D738EA957E8F3	385 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=769974502578&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6F000105B5F4064B07D738EA957E8F3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:51:25 Last Seen2023-03-07 21:51:25 Times Seen1 Hash 034cfeffb48135141c009e47783b1776 dce57cfc7824a83de4173f859877b2c152d34642 b640fa56e2fa03ff4f57447126f7d967ea9e7df4e48f7a705e72bd0512b55e35 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3	729 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3 IP 37.157.6.247 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:51:25 Last Seen2023-03-07 21:51:25 Times Seen1 Hash f56fbf719b58369ba9d9bc2d54bc4c95 47db9996df19ccb5f6056ce5ddcc43d11b1d3fc0 006220d00afef475af7e8fb58b52bceb96fe59538b2bf06a4274ea3d3d085d6b Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:45:28 Last Seen2023-03-07 22:04:34 Times Seen1 Hash 1c3ec0187363f000297e10526979edce 608fce435187d3a5f82f529dafae6fa707ee2feb f8aaa16729a50fa7a0251f01c9245c84e9e786afe66bc75be47334b8b5b36664 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	83 kB	2023-03-07	2024-04-11
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.2.247 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-11 07:25:49 Times Seen5 Hash 552eeb5f0620fb6f56733d625b5e719e 4b82da5898c97f3db9b9311ab0109231f90cd6d8 ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 172.64.166.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 00:58:37 Times Seen37106855 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 54.230.245.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 172.64.166.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3 IP 37.157.6.247 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	ungroudonchan.com/4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb	660 B	2023-03-07	2023-03-07
Pretty URL ungroudonchan.com/4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:51:25 Last Seen2023-03-07 21:51:25 Times Seen1 Hash 7829bce249f7359c004bf6df3cb56aee 341f1940c567f8278c85a225c988f3f91ff19307 39cb8817fe27066bc3864ec749423d1fc44d8f06c7fb7e612df6738a33828ac4 Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 IP 104.22.31.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 172.64.166.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

HTTP Transactions (127)

URL IP Response Size

ss.redirectsstm.click/go/22d57c99-2f2b-4409-9968-0c68fe2666c7

3.70.16.242

302 Found

1.0 kB

URL HTTP/1.1
ss.redirectsstm.click/go/22d57c99-2f2b-4409-9968-0c68fe2666c7
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (1038), with no line terminators
Size
1.0 kB (1038 bytes)
Hash
0eaf7da7e42f219ea5b21fbac6b61591
9b925c1a6ace55737fab016039d69d95afccfeee
350221f2fb5b6b10f2f91b2a1b4b0d0d637eabe52a6c78a9f95e231d675042a0

HTTP Headers

GET /go/22d57c99-2f2b-4409-9968-0c68fe2666c7 HTTP/1.1
Host: ss.redirectsstm.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: openresty
Date: Tue, 20 Sep 2022 16:10:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1038
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://eu.gotbstgifts.click/rs/i13s22/brand/limundo/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1
Set-Cookie: bemob-uniq-visit:22d57c99-2f2b-4409-9968-0c68fe2666c7=1; Domain=ss.redirectsstm.click; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly
bemob-rotation:22d57c99-2f2b-4409-9968-0c68fe2666c7:random:f96fd228a44dd61955d0e75e2fa2d9b8=0-2-1; Domain=ss.redirectsstm.click; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Feu.gotbstgifts.click%2Frs%2Fi13s22%2Fbrand%2Flimundo%2F%3Fts%3D08e29a07-b84a-41cf-a9c0-1cb114072fbc%26camp%3D%26zone%3D%26landid%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078%26osv%3D%26isp%3DBlix%2520Solutions%26tid%3D08e29a07-b84a-41cf-a9c0-1cb114072fbc%26key%3DeyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%253D%253D%26td%3Dss.redirectsstm.click%26bemobdata%3Dc%253D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%253D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%253D0..b%253D1; Domain=ss.redirectsstm.click; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly
Vary: Accept
X-Response-Time: 14.682ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 15:13:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 20sfOtxGeygQFrsWX3QcpInYl41hLfIXlt8042ZOMT0PwB1iJPk3iQ==
Age: 3462

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3889
Expires: Tue, 20 Sep 2022 17:15:41 GMT
Date: Tue, 20 Sep 2022 16:10:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ob0IfpXJ_wdoEQmzVQACrnun-Nrjdel_j2A5eaTdVL5N29CRSVafGQ==
age: 41739
X-Firefox-Spdy: h2

eu.gotbstgifts.click/rs/i13s22/brand/limundo/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1

164.92.232.111

302 Found

0 B

URL HTTP/2
eu.gotbstgifts.click/rs/i13s22/brand/limundo/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1
IP
164.92.232.111:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rs/i13s22/brand/limundo/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1 HTTP/1.1
Host: eu.gotbstgifts.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 16:10:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
219ec149d1dc4bbd909a3306221fd384
192b8a2efcdc885499b53c7c8371c9868718a8f0
ad6e3b2a7a5ea11ceed1b20c9e65b1e7c38f1552dc586cdc3d85d951730d84a6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD6E3B2A7A5EA11CEED1B20C9E65B1E7C38F1552DC586CDC3D85D951730D84A6"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7486
Expires: Tue, 20 Sep 2022 18:15:38 GMT
Date: Tue, 20 Sep 2022 16:10:52 GMT
Connection: keep-alive

7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1

3.70.16.242

302 Found

260 B

URL HTTP/2
7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
260 B (260 bytes)
Hash
c505f39bd4d16517a08974335058d8ef
11a524eefe71ba6e61cb01d35a6980ce0b1589e2
87033801970c5951a36517accb9dc5cd3e0f33e66cbdc7942ee0dacfa1e59cab

HTTP Headers

GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=7fb0c531-5e02-498d-b6a0-8ca04e87b078&osv=&isp=Blix%20Solutions&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYzNjkwMjUyIiwiaGFzaCI6IjhiMTZjNGM0NWQxMjU0ODVlZGI5NTFkMzM4ODdjMzBjM2JkMmIxZmYifQ%3D%3D&td=ss.redirectsstm.click&bemobdata=c%3D22d57c99-2f2b-4409-9968-0c68fe2666c7..l%3D7fb0c531-5e02-498d-b6a0-8ca04e87b078..a%3D0..b%3D1 HTTP/1.1
Host: 7ktpj.bemobtrcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: openresty
date: Tue, 20 Sep 2022 16:10:52 GMT
content-type: text/html; charset=utf-8
content-length: 260
access-control-allow-origin: *
location: https://ungroudonchan.com/4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb
set-cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:bcad9fbed5d562e339b2ddf45707a26c=0-0-10; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=SHtSTKPVjpPNRjLbp9xKiH; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 21 Sep 2022 16:10:52 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 8.286ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc365d921a76ed3be6f48054931a93c4
381cf175c24ec34ae897f11f1207e59d593f5bc0
6acb68eb87b59ad36b12e0b7f8d4ce54b01111b57358d30cd6a93e67fa949e91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6ACB68EB87B59AD36B12E0B7F8D4CE54B01111B57358D30CD6A93E67FA949E91"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7093
Expires: Tue, 20 Sep 2022 18:09:05 GMT
Date: Tue, 20 Sep 2022 16:10:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 20 Sep 2022 16:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 16:29:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J1Needt66U044Dpqbom-16mE-16Btnp3eSWLfXDfxeWID8RZQ-VUZw==
Age: 451

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5214
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:53 GMT
Last-Modified: Tue, 20 Sep 2022 14:43:59 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ungroudonchan.com/favicon.ico

139.45.197.238

204 No Content

0 B

URL HTTP/2
ungroudonchan.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=234e89e1810848f982fffdf0bcccb40e; oaidts=1663690252
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 16:10:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d191160fbc17ad2deaef549c74fbfd98
e21da011487bdfdb971836047a092efb24a077d3
7bc10277625b27e9c9a696d1bab2035411989636307cfd8396184de06b66c3ee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BC10277625B27E9C9A696D1BAB2035411989636307CFD8396184DE06B66C3EE"
Last-Modified: Mon, 19 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Tue, 20 Sep 2022 16:52:12 GMT
Date: Tue, 20 Sep 2022 16:10:53 GMT
Connection: keep-alive

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=596122729850347538&subid1=4598789&cost=0.000278&rdk=rk1

157.90.33.78

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=596122729850347538&subid1=4598789&cost=0.000278&rdk=rk1
IP
157.90.33.78:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=596122729850347538&subid1=4598789&cost=0.000278&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 16:10:53 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
set-cookie: rauid=CvHaovmfQn-8zLKIWoc38A; expires=Wed, 20 Sep 2023 16:10:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 16:10:53 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
75925b52065e8c40d078aee85c947946
72219bfe4412de462135af38de924431a60cd5f5
e4931e694c717412c066464f1c206f1049ebe3fa70270dd550c84129e49b68bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 16:10:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=482666,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dbd5733d0c1c16-OSL

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.9

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 20 Sep 2022 16:10:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 20 Sep 2022 16:10:53 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663690253557)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229201610%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224832818%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Thu, 20-Sep-3021 16:10:53 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=52
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=234e89e1810848f982fffdf0bcccb40e

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=234e89e1810848f982fffdf0bcccb40e
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=234e89e1810848f982fffdf0bcccb40e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=234e89e1810848f982fffdf0bcccb40e; expires=Wed, 20 Sep 2023 16:10:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.240.207.158

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.207.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eN35G8iZ2L82ZIGuVcKi6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gdGWK1s2neWJZRZdCkiGcJbqhek=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2b4b4878f67f3d21ac07f8cd2ed5ff92
9e7227225787c9fcad71d21435e1bc970528bc3a
bbcd6251dde60d3c39c27fb018eca4c2514791717772908b257773326f0bbcd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4030
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:53 GMT
Last-Modified: Tue, 20 Sep 2022 15:03:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

www.megarush.com/fonts/Inter-ExtraBold.woff2

104.22.31.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5670
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd575dc04b4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Regular.woff2

104.22.31.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5670
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd575dc0ab4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3

104.22.31.168

200 OK

13 kB

URL HTTP/2
www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (13244 bytes)
Hash
e11c928e6c33ced1b0755979d58d6d61
2c18a2cadb60fd7d1a253de1f36120667c520bd0
6e706d7f527d9eb7bd90ba2c0e6c6a6ba4d5a0166e803ba8cbb9f9aad450f4c7

HTTP Headers

GET /nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dbd5753b47b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

104.22.31.168

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5670
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd575ec0cb4f9-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23513)
Size
51 kB (50607 bytes)
Hash
862ee90124fa5a2b35c0fdd33e6c8ae4
f5c3109a3c6b4ff5a44f4c6dc1f9c5da04bd4b74
23238e76e051a9c131f4b064615578d87ba3d87705f6b1d86d24c450a565e94b

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 16:10:53 GMT
expires: Tue, 20 Sep 2022 16:10:53 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/favicons/favicon-16x16.png

104.22.31.168

200 OK

437 B

URL HTTP/2
www.megarush.com/favicons/favicon-16x16.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
437 B (437 bytes)
Hash
914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6733838
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd578efdeb4f9-OSL
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

54.230.245.231

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
54.230.245.231:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Date: Mon, 19 Sep 2022 19:01:49 GMT
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
ETag: "9f2263de140cc78c0737d17051307016"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R6pQzehieJ5X6HSSnJfwI9wk6P8BfRH6CQCi0cAAD-bB5aTH0R0L3A==
Age: 76146

www.megarush.com/favicons/favicon-194x194.png

104.22.31.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33900397
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd578efdab4f9-OSL
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 14:41:12 GMT
expires: Tue, 20 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 5382
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.megarush.com/index.3e5fca25e481a764411c.css

104.22.31.168

200 OK

33 kB

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33232 bytes)
Hash
cd06f292f1154ff04400b0b5a460d7d7
d9ee6bfc8a8d316f821a7b68c268eaf181236ef2
6c4bddef99f32028153fa43cdfff4880c37ac7d9d83273d6352f6418f3f54104

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1526
server: cloudflare
cf-ray: 74dbd575ec11b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
635e35d7bd4a15a6496f0f8a4d046e24
7e09bf39f8d07d195acf0c94583a8a5c80945342
dbb1caffab0d78f12e5d85280c90cdfbb0e8cfe6b441dc3979c6ac88df9e2fd9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "DBB1CAFFAB0D78F12E5D85280C90CDFBB0E8CFE6B441DC3979C6AC88DF9E2FD9"
Last-Modified: Mon, 19 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Tue, 20 Sep 2022 18:02:22 GMT
Date: Tue, 20 Sep 2022 16:10:54 GMT
Connection: keep-alive

megalotto-static.gigmagic.io/translations/no.json

104.18.38.157

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75076 bytes)
Hash
c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dbd57a1a3e0afa-OSL
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/scripts/b_megarush.js

172.64.166.38

200 OK

598 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
172.64.166.38:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
598 B (598 bytes)
Hash
93128e89212e307bcf28ea4f030b743e
518d25ea4adf1b8ab94bc9d15323cabd6ac9baf4
110ce7769d7ff0e9b8dc1423e8ae9bdf9f5386804e42b22c5495a83b0d6670ad

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 060c161d-301b-4382-b5e4-7cf1da811493
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.003598
expires: 2022-08-21 16:10:54 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgTmBZiiAEOgPNAlyenpgx8KTn4YWmGuR4Qvmdv55urdZijk3ZYrUW%2BATV9ZHCrTMtYCacbL7zAvw5uRaMIJKGhs5RZpByuz5cHUucpSaTjZ%2B8Kph7XuYCfa4c5A4ZgCwPv2VSfl9d%2F5t7wx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dbd57a085c7599-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

104.22.31.168

200 OK

606 B

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
606 B (606 bytes)
Hash
500e5567664626d71bc4f4647840de6e
cd32e5c96ccd8449132a5b92d29f5d7055d437e1
baa21838fb45f438a4559b87e6760164b3a7c57f28983cb7255fbc9c3d921640

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1525
server: cloudflare
cf-ray: 74dbd575ec0eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
01a12f78265282ec8a99b15f3bbee77e
07c69a8d40f8d0e74b289d41cb612571b697fa9e
0a34577fb4cb0eff3fae4a41f6e4916f95ca593cb5872e091d4e6eb5b49769d0

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f55f7bf08663464750fa98c53c33761f
cf3d3533b618f73af617ecc0a17bc108a2bd63f2
a4ead3891db45bb821ad08fd4801a13aef82db9b0fc1ba50df4b95c3775b1ab8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:54 GMT
Last-Modified: Tue, 20 Sep 2022 15:32:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

63 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
63 kB (62929 bytes)
Hash
d720d9c7a26941dcca38a469673b2863
4c985e903ece1d84cca14d3dd12166b8e7b6925b
7ed116dc750bcbf3290fbf478332c0208ee4b914b64b44b6e49bccfa417f3014

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv7gRv0zsx9kdTU6wmWS59QNKyvsTVMykrlmn7eXb8AThTVPmfoFrVgLZmpaOqJKDjqdv8zxCL5TGlC8yQgYJ-yqg
x-goog-generation: 1663163967982920
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62929
content-encoding: br
x-goog-hash: crc32c=S62c9A==, md5=1yDZx6JpQdzKOKRpZzsoYw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62929
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 20 Sep 2022 15:55:34 GMT
expires: Tue, 20 Sep 2022 16:55:34 GMT
cache-control: public, max-age=3600,no-transform
age: 920
last-modified: Wed, 14 Sep 2022 13:59:28 GMT
etag: "d720d9c7a26941dcca38a469673b2863"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
01a12f78265282ec8a99b15f3bbee77e
07c69a8d40f8d0e74b289d41cb612571b697fa9e
0a34577fb4cb0eff3fae4a41f6e4916f95ca593cb5872e091d4e6eb5b49769d0

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8e346d3f5679a16305951ea2029392f7
138aa4154cdc41529f6fcdc971a464767ce54508
0806319816726321f9319605930ab587ab050e7de8e8e8c65f41776b27d0e298

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:54 GMT
Last-Modified: Tue, 20 Sep 2022 15:16:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8e346d3f5679a16305951ea2029392f7
138aa4154cdc41529f6fcdc971a464767ce54508
0806319816726321f9319605930ab587ab050e7de8e8e8c65f41776b27d0e298

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:54 GMT
Last-Modified: Tue, 20 Sep 2022 15:16:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19395
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 16:10:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19395
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 16:10:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19395
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 16:10:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19395
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 16:10:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9865 bytes)
Hash
1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 65168
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11832 bytes)
Hash
2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 64872
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9543 bytes)
Hash
30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 64590
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 21893
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11145 bytes)
Hash
c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJyChyEdTbGx6oQCRy6IVMS8qU22LupFYn6FOii3p4BUVFyKnssQ7Q==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:05:54 GMT
age: 65101
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9873 bytes)
Hash
7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 64871
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

104.22.31.168

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30675651
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd58078fcb4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

104.22.31.168

200 OK

3.0 kB

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.0 kB (2970 bytes)
Hash
2eea8daa65b02f4e230cbb4084b9ba56
5fea38c6cd00826cdd55873727a02314c98d6799
59a1118ee25558d9a6462b9908619bbdbf077388a30b0d99674fa8004ef4a582

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9137921
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f7ffeb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamcare.svg

104.22.31.168

200 OK

4.8 kB

URL HTTP/2
www.megarush.com/img/icons/gamcare.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.8 kB (4777 bytes)
Hash
692ab46f30f1dc7ab141fbef263f21ef
ccdd543b7c0fa8b8429b7bf6d640ca888f73e887
68ad514aa0d7581b27d9fe39291965a94df5f1497d1a540cd3ba0a0d4b0687e7

HTTP Headers

GET /img/icons/gamcare.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f982bb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-phone-badge-new.svg

104.22.31.168

200 OK

2.5 kB

URL HTTP/2
www.megarush.com/img/icons/mega-phone-badge-new.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.5 kB (2517 bytes)
Hash
b2acb0094c0a211d948140f7c219ecd5
ed48fb9aafafb40bb267fff4c714a734f1e8c97f
c4d02c39a689a1db3014599fb200b0b960fdbf5eadae7c87532b2e386c9f5456

HTTP Headers

GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29138497
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f880fb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-checked-badge-new.svg

104.22.31.168

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/icons/mega-checked-badge-new.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
64 kB (64416 bytes)
Hash
83b839aab1552bc17ecae07f28ef18d5
69a03085b08a9cb2662988463e652110dff5bdfe
f4a390f3d189a170c645e9e46067e4099e735a5430443e30377392e54f5d30d7

HTTP Headers

GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29138497
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f8813b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

104.22.31.168

200 OK

4.9 kB

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.9 kB (4937 bytes)
Hash
63b7eb98a2fbf054a93521b0d9c5ad93
8fe48949a01a4e33b55d18630f731a682158ed77
7255c683a5fb14b847a1e45e24acec324cbfd5f368e7f30c3ba093df06f966bb

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9125964
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f8815b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-bolt-badge-new.svg

104.22.31.168

200 OK

3.3 kB

URL HTTP/2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.3 kB (3322 bytes)
Hash
8a5b0d5290e76df359923f335d9d8925
9b70564c75e27e99d0e95180ea014bc321dae3d9
7f9b2e6b1222f94c1e839ab3c7013c2dfd8519fe93c27580f94e45cf252480af

HTTP Headers

GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2399955
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f880cb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/jeton--white.svg

104.22.31.168

200 OK

7.1 kB

URL HTTP/2
www.megarush.com/img/icons/jeton--white.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
7.1 kB (7134 bytes)
Hash
2c56a63e605a114e83bf8a9800fb614c
ec41a1e1879ad3846b06e6e2b0ea63bb1c7aefce
ae34ffd344e8f31be67e1849836a5bb99d2f732680e3aa69841566508a78efe8

HTTP Headers

GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9136640
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f7803b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mga.svg

104.22.31.168

200 OK

22 kB

URL HTTP/2
www.megarush.com/img/icons/mga.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
22 kB (21916 bytes)
Hash
f35cc7c96b6edbada702dbf2423c5781
810c8eac62ca140c2bbd63ae71bc6d065fbfdb73
ce1e52106523a221819066cff28b02333b718a643de3d725bb3a9ee54fe1d376

HTTP Headers

GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9136639
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f881cb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/help-round.svg

104.22.31.168

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/icons/help-round.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (11281 bytes)
Hash
b58251c3c2e4edf1f801c3759df74b80
521af9c8a5528f354070026a1c2c62d78b43ec32
a57184a312b77d62e63eb86e9e805b88f8af26bd495e4578e156f3241a53aadd

HTTP Headers

GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f4f84b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/astropaycard--white.svg

104.22.31.168

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/icons/astropaycard--white.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (11358 bytes)
Hash
30b195b57a4e54fec9c97a60d2c11c54
04db7be7557452de0a39e9ab73ae82aeeaf84e3a
6aee6021b31282b4554764d56b8021b4a5fd423c957fbbb3dba4db00cd7c1e8f

HTTP Headers

GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6733452
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f7ff9b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/feel-the-rush.png

104.22.31.168

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/home-page/feel-the-rush.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48691 bytes)
Hash
141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2

HTTP Headers

GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30675651
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580b96cb4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/online-gamblers.png

104.22.31.168

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/affiliates/online-gamblers.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14178 bytes)
Hash
9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c

HTTP Headers

GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901079
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c978b4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/norges-casino.png

104.22.31.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/affiliates/norges-casino.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12111 bytes)
Hash
453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e

HTTP Headers

GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901079
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c97db4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2-small.png

104.22.31.168

200 OK

4.2 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2-small.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Size
4.2 kB (4245 bytes)
Hash
8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0

HTTP Headers

GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 11 Jul 2022 12:54:28 GMT
etag: "62cc1d84-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6029176
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c981b4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2.png

104.22.31.168

200 OK

75 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74825 bytes)
Hash
b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade

HTTP Headers

GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9136640
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580d98db4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-1-medium.png

104.22.31.168

200 OK

35 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-1-medium.png
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Size
35 kB (35333 bytes)
Hash
109f267221e2cee94514a7efaebd29a9
a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801

HTTP Headers

GET /img/home-page/smoke-1-medium.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/png
content-length: 35333
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: "61656602-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29654658
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580d989b4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/flag-nb-no.svg

104.22.31.168

200 OK

4.1 kB

URL HTTP/2
www.megarush.com/img/icons/flag-nb-no.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Size
4.1 kB (4085 bytes)
Hash
09e1e505a1a518e0752bc9b54a638fb8
00a4482dbed9eb35251ac6bc7c0c043646d167c0
7e19846133baad1d000579c0f17e2717957cc09559122a06feaedbb3dc61c31c

HTTP Headers

GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f8817b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/playAndGo.svg

104.22.31.168

200 OK

57 kB

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
57 kB (56893 bytes)
Hash
bde747630e2229891bde216d3b99585f
4eb76f32eadbe7bdf5ca99b2fc2906fd81371a99
f6dc26e397414651185bff94405e8b9ce8c730d30ffadc6567acac39c2b60619

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30675482
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f0f4eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mastercard--white.svg

104.22.31.168

200 OK

961 B

URL HTTP/2
www.megarush.com/img/icons/mastercard--white.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
961 B (961 bytes)
Hash
bd56b3c70d0df98ddc26a4af90fb3444
550ee2fda7d818b8c2329090b254f2dc88212355
30ef3c5f3bb5059201f4b0e241d75534f1e2838394b5b0e02a582ce7701636a1

HTTP Headers

GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f7ff7b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png

172.64.149.99

200 OK

84 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
84 kB (83745 bytes)
Hash
bedc100c06fb83e57bdb6d2f42747b20
833f812570395944549808e657831b895ef6409e
b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1

HTTP Headers

GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/avif
content-length: 83745
last-modified: Mon, 12 Sep 2022 22:56:53 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 5600ea53cb2bd76c49069c9948d9eafca3a48e23
x-imgix-render-farm: 01.560
age: 666842
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10061-SJC, cache-ams12769-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dbd580caa41c12-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

104.22.31.168

200 OK

893 B

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
893 B (893 bytes)
Hash
056776c11f792bf78bfaa63120be979a
d95845ef52d129b503feab7be84b07c01b1ff0fa
11886e0457e29985449e6f0f68144712ace46d5d4f06a04c303afecb6ca9fa25

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9137921
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f2f67b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/begambleaware.svg

104.22.31.168

200 OK

219 kB

URL HTTP/2
www.megarush.com/img/icons/begambleaware.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (59169)
Size
219 kB (219050 bytes)
Hash
564b4f2896d57a20ed0cb1492d64fecc
8b22e538d0e0371e0899d66e5b06676967512704
65b8d853389e72e6cb5732e68831c60c2c67e8141460d19b25c75035ebf41505

HTTP Headers

GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f9827b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png

172.64.149.99

200 OK

31 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
31 kB (30644 bytes)
Hash
a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137

HTTP Headers

GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1232753
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12753-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dbd580caa81c12-OSL
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.2ac66c93.js

151.101.86.249

200 OK

128 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.2ac66c93.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127480 bytes)
Hash
a80c0cded398b91aac5215a3d7a3fe78
dd4f4e078c893469a18ae53f68e1eb28ab7bcd85
f26f1731304c72f2331c8eb0f1a5bc7e3a0a97b8c9d5cf941ebb9b4a11f047bf

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.2ac66c93.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 127480
Last-Modified: Tue, 20 Sep 2022 15:37:21 GMT
ETag: "a80c0cded398b91aac5215a3d7a3fe78"
x-goog-generation: 1663688241723729
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 127480
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 20 Sep 2022 16:10:55 GMT
Age: 1738
X-Served-By: cache-chi-klot8100065-CHI, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 71
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/video/arcade-game.webm

104.22.31.168

206 Partial Content

61 kB

URL HTTP/2
www.megarush.com/video/arcade-game.webm
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
61 kB (61172 bytes)
Hash
9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a

HTTP Headers

GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoMD12Mp5g+6jAAqBOY/Ag==; expires=Thu, 20-Oct-22 16:10:55 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd58139f1b4f9-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/menu.svg

104.22.31.168

200 OK

714 kB

URL HTTP/2
www.megarush.com/img/icons/menu.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (64977)
Size
714 kB (714240 bytes)
Hash
7ce45e84119e0492662713ce1e2a0d9e
01078b41775770301735733472f4e7db94ece57a
da28643b37153ab1e18217d9bff37cfd5794af35e59965fbe674164cd8f8b7a3

HTTP Headers

GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15907837
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f5fb7b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple.svg

104.22.31.168

200 OK

901 B

URL HTTP/2
www.megarush.com/img/home-page/glows/purple.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
901 B (901 bytes)
Hash
6a1490b81aeaa8847ac90bf65fea5cb4
ee5677e66863c6dfbdfea9a40c58c2eeaf05a09e
37b42439e095d6bf455f890601c9abda61dade68ee9fb642906fe18fe14423ae

HTTP Headers

GET /img/home-page/glows/purple.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6732876
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c987b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2

151.101.86.248

200 OK

84 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
84 kB (84088 bytes)
Hash
4eaffdf96f4c6f984686e93d5d9cb325
8c576f620ae00a66282d8eb10dc2eb580888aaf1
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

HTTP Headers

GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Tue, 20 Sep 2022 16:10:55 GMT
Age: 57026
X-Served-By: cache-chi-klot8100099-CHI, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 18
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

rs.fullstory.com/rec/page

35.186.194.58

202 Accepted

76 B

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
76 B (76 bytes)
Hash
483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 16:10:55 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0eb3da8294852f82addc9ec33b3d9666
a9dfc4c55c8534f7867a688c14b010405d817ef8
d4d476ecf6847aab5fb3cf5e66d212df3ba11f2b349cdc69ba30d22ad62c1247

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4D476ECF6847AAB5FB3CF5E66D212DF3BA11F2B349CDC69BA30D22AD62C1247"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5539
Expires: Tue, 20 Sep 2022 17:43:15 GMT
Date: Tue, 20 Sep 2022 16:10:56 GMT
Connection: keep-alive

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

112 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
6ae2aa296e0ae18c28699d0907b30d0c
d487463b1f3f8fae97b32e7361c50b9714ebc3bd
a14ab98b6bbeb0550fbb12749ba4f26aa89c6578e3f4a1097dc6d6751fb187c7

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Tue, 20 Sep 2022 16:10:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (89536 bytes)
Hash
fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Tue, 20 Sep 2022 16:10:56 GMT
Age: 768277
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 23
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
741ddfcca1eaa1ddceef83e325be8ff1
02d528d638009f5b3c8e5041696ff9e65be0f429
9863a02db06f739dbb0287f487c6a53f1fefb1bd2f04f90b116bea376bcbfb10

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9863A02DB06F739DBB0287F487C6A53F1FEFB1BD2F04F90B116BEA376BCBFB10"
Last-Modified: Sun, 18 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6742
Expires: Tue, 20 Sep 2022 18:03:18 GMT
Date: Tue, 20 Sep 2022 16:10:56 GMT
Connection: keep-alive

i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8

151.101.86.248

200 OK

131 kB

URL HTTP/1.1
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size
131 kB (130780 bytes)
Hash
ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111

HTTP Headers

GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Tue, 20 Sep 2022 16:10:56 GMT
Age: 629559
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100027-CHI, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 103, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000

megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4

104.18.38.157

206 Partial Content

82 kB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
82 kB (81582 bytes)
Hash
7ee5e53d73442dcfa121568dccc2f985
7056cd0d7293c549dd593a1a4b8e2bfcb0a4b0f2
6fb28c33ee36e8fe65165855b410398d287f9f10a0e5071d17ff4c7948bd0cbd

HTTP Headers

GET /video/header-video-720p-av1.mp4 HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: video/mp4
content-length: 981973
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:08 GMT
etag: "2afd3c14d9a3bb96572c32fd6858f451"
cf-cache-status: HIT
age: 309
expires: Tue, 20 Sep 2022 20:10:56 GMT
cache-control: public, max-age=14400
content-range: bytes 0-981972/981973
server: cloudflare
cf-ray: 74dbd587b83e0afa-OSL
X-Firefox-Spdy: h2

graphql.datocms.com/

104.22.3.238

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.3.238:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dbd587eb69b4e8-OSL
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 20 Sep 2022 16:10:56 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 20 Sep 2022 16:10:56 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 20 Sep 2022 16:10:56 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=769974502578&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6F000105B5F4064B07D738EA957E8F3

37.157.6.247

200 OK

387 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=769974502578&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6F000105B5F4064B07D738EA957E8F3
IP
37.157.6.247:0
ASN
#198622 Adform A/S

File type
ASCII text, with CRLF line terminators
Size
387 B (387 bytes)
Hash
fa2c254a3bc22afdbc92b9acb06bdb60
ad4d9d1de7146cb3f5aad77095a5197214694915
08cf83cd103f49cbaf040af654cffb7b8854b894b13b7fbfebd7adfc89434970

HTTP Headers

GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=769974502578&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6F000105B5F4064B07D738EA957E8F3 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: text/javascript; charset=utf-8
content-length: 387
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 20 Sep 2022 16:10:56 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/video/header-video-720p.webm

104.18.38.157

206 Partial Content

1.3 MB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.3 MB (1336865 bytes)
Hash
63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Tue, 20 Sep 2022 20:10:56 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74dbd587e8750afa-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
33468eb2632c1c57c025c475785f3889
9d2b5d4dcce21542290262c42ea09fb6c0d8ad3a
ce07d1c50fa0a5560e83c910eff64f46f6097c3b98209268581fc9ad14078098

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 16:10:56 GMT
Last-Modified: Tue, 20 Sep 2022 14:48:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

35.188.42.15

200 OK

2 B

URL HTTP/1.1
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 16:10:56 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

secure.quantserve.com/quant.js

91.228.74.208

200 OK

11 kB

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.208:0
ASN
#16509 AMAZON-02

File type
data
Size
11 kB (10573 bytes)
Hash
f4e832b489bda0f084fea294af38969f
5ff51bb074fc29ddd5a8ee7bdeda12640c13d95d
75601b4c336b7b57e2df412730e491d95f21bf3a4556f1c976af4e9f41891917

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:57 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Tue, 27 Sep 2022 16:10:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

pxl.qccerttest.com/pixel?r=608896187;fpan=1;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257070;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ogl=

143.204.55.81

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=608896187;fpan=1;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257070;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ogl=
IP
143.204.55.81:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=608896187;fpan=1;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257070;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 02:11:32 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5t-aM6qkh_bKYUw-IKYQGLQ62-FNlIp5pqncnKxnEOaYwnbHtdF3rw==
age: 51729
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=647770934;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257072;tzo=0;ogl=;ses=1116dd33-aac6-4dac-b1e4-5a19ac2889fd

91.228.74.208

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=647770934;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257072;tzo=0;ogl=;ses=1116dd33-aac6-4dac-b1e4-5a19ac2889fd
IP
91.228.74.208:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=647770934;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1984186405%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6F000105B5F4064B07D738EA957E8F3;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1761890812-1663690257070;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663690257072;tzo=0;ogl=;ses=1116dd33-aac6-4dac-b1e4-5a19ac2889fd HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:57 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6329e611-19512-4f5fe-067db; expires=Sat, 21-Oct-2023 16:10:57 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

109 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
4487b57a1653999824ea086a1b8d3266
795dd7da0dc88e9f0feb3a582b55822ba1170040
6898c5f58651864c28ca851286d98a1ef474e2796b01b12b1a41a0d1155cd324

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Tue, 20 Sep 2022 16:11:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/js/chunk-vendors.25e1a372.js

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1525
server: cloudflare
cf-ray: 74dbd575ec1bb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9138229
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f2f72b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3

37.157.6.247

200 OK

0 B

URL HTTP/2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3
IP
37.157.6.247:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1984186405&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6F000105B5F4064B07D738EA957E8F3 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ungroudonchan.com/4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb

139.45.197.238

200 OK

0 B

URL HTTP/2
ungroudonchan.com/4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4598789?ymid=SHtSTKPVjpPNRjLbp9xKiH&var=074b5bba-80ab-4a33-86df-edbd736e35eb HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:52 GMT
content-type: text/html; charset=utf8
x-trace-id: 7e4d51be0c989ef7e31801eb8fbf7f9d
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=234e89e1810848f982fffdf0bcccb40e; expires=Wed, 20 Sep 2023 16:10:52 GMT; path=/; secure; SameSite=None
oaidts=1663690252; expires=Wed, 20 Sep 2023 16:10:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-1.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/grid-new-1.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/grid-new-1.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9136640
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580d98ab4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/onlinedisputeresolution.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/onlinedisputeresolution.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8382850
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f8821b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

0 B

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=9df7e7a754f05aa52a9628c3fad8fb56; path=/; expires=Wed, 20 Sep 2023 16:10:54 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D9df7e7a754f05aa52a9628c3fad8fb56%26device%3Ddesktop; path=/; expires=Wed, 21 Sep 2022 16:10:54 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 8ecc22a2149edb27
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17625950
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f5fa1b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/palms.1f322dbc.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/palms.1f322dbc.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6733451
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580f9b9b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.2.247

200 OK

0 B

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.2.247:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx00000000000010078d572-006329e555-3233e7e3-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/visa--white.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/visa--white.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f5fbeb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17625950
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f2f6db4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple-jackpot.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/purple-jackpot.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9109778
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580e9a4b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1537
server: cloudflare
cf-ray: 74dbd575ec29b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f4f88b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/ibas.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/ibas.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f9825b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/blue-jackpot.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29654685
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580e9a7b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/half-blue.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/half-blue.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29654685
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c982b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/base.css

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/base.css
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1526
server: cloudflare
cf-ray: 74dbd575ec0db4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

graphql.datocms.com/

104.22.3.238

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.3.238:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:56 GMT
content-type: application/json; charset=utf-8
cf-ray: 74dbd5880b85b4e8-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1253464
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 248
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1646-BMA
x-timer: S1663690257.663521,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17648676
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f2f6bb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/search.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/search.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33901078
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f5fadb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/logo.113ce962.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/logo.113ce962.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo.113ce962.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-cf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9132483
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd580c97fb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/safeframe

172.64.166.38

200 OK

0 B

URL HTTP/2
scripts.mediamathrdrt.com/safeframe
IP
172.64.166.38:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /safeframe HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:54 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 391b63c8-14d8-4f00-b927-d6ad6f83a458
x-download-options: noopen
x-runtime: 0.001934
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quEA3M8fuMCO6%2Ffr0itflfc06GoLLtaB9qnw8X7fQz%2Fb2RnYqSkJcF1ozHs0yLE8RhtGTvZLvPeV791QapopoHCS14Pyo0N8sCmgijgMNyqiHQwW5FCYoaogTxfys6hoRAc%2FWXkRhI8G77Ja"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dbd57ae9dd7599-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8969274
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f2f69b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/payments.svg

104.22.31.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/payments.svg
IP
104.22.31.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6F000105B5F4064B07D738EA957E8F3
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1710515225.1663690254; _gid=GA1.2.534214221.1663690254; _gat_UA-143790984-2=1; btag=656126_D6F000105B5F4064B07D738EA957E8F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 16:10:55 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9136640
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dbd57f3f7eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations