Report - ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb

Report Overview

Submitted URL
ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb
IP
139.45.197.238
ASN
#9002 RETN Limited
Submitted
2022-09-19 05:51:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	21 kB	142.250.74.174
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	91 kB	151.101.86.248
secure.quantserve.com	973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	11 kB	91.228.74.166
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	23.36.77.32
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	7.9 kB	104.21.39.149
open.spotifycdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	349 kB	151.101.86.249
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
i.scdn.co	1162	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	131 kB	151.101.86.248
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	28 kB	610 kB	172.67.22.147
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	791 kB	104.18.38.157
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	937 B	54.230.111.16
edge.fullstory.com	2769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	64 kB	35.201.112.186
megalotto-img.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	31 kB	104.18.38.157
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	702 B	104.22.3.238
ungroudonchan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	739 B	2.2 kB	139.45.197.238
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.18
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	52 kB	142.250.74.72
megalotto-api.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	88 kB	104.18.38.157
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	747 B	143.204.55.93
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	972 B	459 B	91.228.74.166
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	54.230.245.231
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	31 kB	37.157.5.73
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	86 kB	37.157.4.25
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	832 B	34.98.74.57
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3
open.spotify.com	3062	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	491 B	26 kB	35.186.224.25
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	417 B	35.186.194.58
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.3 kB	35.186.224.17
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.76.226
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	381 B	157.90.33.78
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	681 B	139.45.195.8
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.218.159.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	ungroudonchan.com	Sinkholed
2022-09-19	medium	ungroudonchan.com	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:17:14 Last Seen2023-03-07 18:38:37 Times Seen1 Hash 92aa005aa338fa4195603dd4d0e99bf3 ae5517a747c32642138f4531d63d9a19ca230b08 9f0fbe9d441ec735ff13c25fff1db525a48600facba9c44a6062e4acea0a5e4e Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 54.230.245.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 16:15:29 Times Seen37066524 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb	660 B	2023-03-07	2023-03-07
Pretty URL ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:38:37 Last Seen2023-03-07 18:38:37 Times Seen1 Hash 9199769957d9ed20b50248fb869b6e03 67fbb0f85f43ba871d5865d9bfa353ca078f7e82 54233bd1067022a63901c09121309ee4479340084fc6dd82f29aca34d3d9352d Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 104.21.39.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 104.21.39.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 104.21.39.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	83 kB	2023-03-07	2024-04-11
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.5.73 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-11 07:25:49 Times Seen5 Hash 552eeb5f0620fb6f56733d625b5e719e 4b82da5898c97f3db9b9311ab0109231f90cd6d8 ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285	385 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285 IP 37.157.4.25 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:38:37 Last Seen2023-03-07 18:38:37 Times Seen1 Hash 5449c386e87a1e855c2e4002f6e35b66 39d7d6a364ab680f57729164fb469c5c6682bd12 1c567042fef042cd2d476a7a179f4b3bdc46bc4150c1b5602c751b1302c7cf5b Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285	729 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285 IP 37.157.4.25 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:38:37 Last Seen2023-03-07 18:38:37 Times Seen1 Hash 3d003230152bc0f7f189f6a27b78fa41 6b40f5213015ab15d8c2d80e0a78fd6b000650d8 26a97c8d23ef3272fcb00e62bd71df4d3f137b00303ab81761adc009c07d6370 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285 IP 37.157.4.25 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

	www.megarush.com/js/index.94a008e8.js	1.4 MB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/index.94a008e8.js IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:42 Times Seen1 Hash f00870c1f312d6ce57cd7201de92a418 c33eb3a71a78416d53cd8ba09b505e181aacf22a 7a5cb32a27e1b23ef27215c5960ea8364d85fea97b2d5b6dc96d98d7e947040f Loading...

	www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	edge.fullstory.com/s/fs.js	251 kB	2023-03-07	2023-03-17
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:50:46 Times Seen1 Hash f3e4c056a560d0a69450b1bcf8e21b7b 69e4e577d43b77da007f0bb0ca11d305ec907bc6 647c61b085ea098e8b5d6c0498c18e97bd9cc858ec3e6763cd16cb64d61c47f8 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js	742 kB	2023-03-07	2023-03-17
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js IP 151.101.86.249 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:00 Times Seen1 Hash e2c1f7007e3e0736755c5d6a759b2169 276a669ea417934419a460db6babd4efc57ec3c1 adb439745c010da06612603d814f28d530f1563feafeb7900900b7a6341dedeb Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 54.230.111.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

HTTP Transactions (116)

URL IP Response Size

ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb

139.45.197.238

200 OK

679 B

URL HTTP/1.1
ungroudonchan.com/4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
679 B (679 bytes)
Hash
00257a4e380fb1aae298c6bb9710d439
95f0e777ebf73f82fc0f0126e553d19ee3e085a5
55713e4a9dbb07869237f90f154e8bc67d447032d5a30a5d7153c29827facd07

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4598789?ymid=3f9aMmzgAamojVM2UUYhM7&var=074b5bba-80ab-4a33-86df-edbd736e35eb HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 05:51:39 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 841d108162afd1783df13f61c9c663b6
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=0d2a3cd5b3804be68fbdf474b6b2fbc4; expires=Tue, 19 Sep 2023 05:51:39 GMT; path=/
oaidts=1663566699; expires=Tue, 19 Sep 2023 05:51:39 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 05:12:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tseUVqGcmeKfbAuNhTOULlzkp0eW-a-Sbp3dg3l_hhEHHvCzXjjYqQ==
Age: 2342

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4210
Expires: Mon, 19 Sep 2022 07:01:50 GMT
Date: Mon, 19 Sep 2022 05:51:40 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jxw_4CkrI3DN5yMWEhIo_HPmFrfNGeM_U435IZvNmXXQp9wwmrgFYQ==
age: 4587
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e4af8f904bd872ebfcf16bd59c85c11
e78ad51acb90d2ed0c6e05f926722f2b8e8c6426
7c0df159e6a36a1b297cbc46dc0fcc37a7dacad17f923ff4d7be1582d707576b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C0DF159E6A36A1B297CBC46DC0FCC37A7DACAD17F923FF4D7BE1582D707576B"
Last-Modified: Fri, 16 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14197
Expires: Mon, 19 Sep 2022 09:48:17 GMT
Date: Mon, 19 Sep 2022 05:51:40 GMT
Connection: keep-alive

ungroudonchan.com/favicon.ico

139.45.197.238

204 No Content

0 B

URL HTTP/1.1
ungroudonchan.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=0d2a3cd5b3804be68fbdf474b6b2fbc4; oaidts=1663566699

HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 19 Sep 2022 05:51:40 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595604506339975805&subid1=4598789&cost=0.000276&rdk=rk1

157.90.33.78

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595604506339975805&subid1=4598789&cost=0.000276&rdk=rk1
IP
157.90.33.78:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595604506339975805&subid1=4598789&cost=0.000276&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 05:51:40 GMT
content-length: 0
x-trace: 63809dd4f9a9184010e4493599cc32a4
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
set-cookie: rauid=vKrO9MNkRySiEEmBEhs9Lg; expires=Tue, 19 Sep 2023 05:51:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 05:51:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=303818,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d00d05cb81fabc-OSL

my.rtmark.net/img.gif?f=merge&userId=0d2a3cd5b3804be68fbdf474b6b2fbc4

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=0d2a3cd5b3804be68fbdf474b6b2fbc4
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=0d2a3cd5b3804be68fbdf474b6b2fbc4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0d2a3cd5b3804be68fbdf474b6b2fbc4; expires=Tue, 19 Sep 2023 05:51:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 19 Sep 2022 05:51:40 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.18

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 19 Sep 2022 05:51:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Sep 2022 05:51:40 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663566700643)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C2022919551%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224755130%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Wed, 19-Sep-3021 05:51:40 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=47
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7fa280164f7b3c1d57e372556a8bd86
9cda2758eb1bc8657ac63d9fe7336c72637aad7f
570486fd34d10de57391e5ca0710cd6ef9985eb7d9067af4fc9bb2f3e6dffaa0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:40 GMT
Last-Modified: Mon, 19 Sep 2022 04:50:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 06:00:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lwM_ERpMZPTpcc2GD3ZFbJOJeb7Dr-buNyUvFJQQjlF2hCi0AfpKgw==
Age: 2898

www.megarush.com/fonts/Inter-ExtraBold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d08cc61b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Regular.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d08cc65b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d08cc62b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

172.67.22.147

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 317
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d08cc67b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/js/chunk-vendors.25e1a372.js

172.67.22.147

200 OK

106 kB

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
106 kB (106053 bytes)
Hash
4fdf75128d4e41ed590081f561e36c6f
cc97c25dcdb1cd03545445cc529119877caa8b53
876b14a822b25b961bf4f7107908bfb1f8d369a96372b18de2dfa163fb1e2ec0

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 545
server: cloudflare
cf-ray: 74d00d08ec7eb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:41 GMT
Last-Modified: Mon, 19 Sep 2022 04:26:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23513)
Size
51 kB (50745 bytes)
Hash
a60c3667d82ba146b5bb809ea884be22
b130ed18c8599028f0eaa8786dbf4fbb311d480f
377a647c0b825ee2cb6da8371a2cdf8d120c198c6ac67fb6ca241aa5418969f3

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 05:51:41 GMT
expires: Mon, 19 Sep 2022 05:51:41 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/favicons/favicon-194x194.png

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33776844
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0b7f62b506-OSL
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

54.230.245.231

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
54.230.245.231:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 20:01:01 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Mnc2Q1DWttBzG695uBVkD_V0U--7T1xskrskj2W35UYntZDyGIlLgQ==
Age: 35441

www.megarush.com/favicons/favicon-16x16.png

172.67.22.147

200 OK

437 B

URL HTTP/2
www.megarush.com/favicons/favicon-16x16.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
437 B (437 bytes)
Hash
914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6610285
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0b7f64b506-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.218.159.206

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.159.206:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QU0oGkx6azUt4H5UxZUfoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ld36SRFApfPx69OPV/y9B4KcMmA=

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 05:51:41 GMT
Connection: keep-alive

megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6328035a16817b889dac36d2

104.18.38.157

101 Switching Protocols

0 B

URL HTTP/1.1
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6328035a16817b889dac36d2
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6328035a16817b889dac36d2 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EY03FnUba0UOJKnrNLrlwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 19 Sep 2022 05:51:41 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: vqFNaglwteOY+R4vmUBdgzh3BKc=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d00d0bb8eeb51b-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 05:51:41 GMT
Connection: keep-alive

megalotto-static.gigmagic.io/translations/no.json

104.18.38.157

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75078 bytes)
Hash
c65c57dc0700025bf90a1adde1aff75b
32292b13109ae3c175acc85eb5c042e3433f2cbb
4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0c58910af6-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 04:41:12 GMT
expires: Mon, 19 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 4229
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
896bff52d8e6754a724da99230caabd6
bb053af2fcbeae7045f94d66baedc852abd3d663
7e0302d513ca6a7b370cc58c86c9a39a85578a9def775c20e3ede5b3402bc7cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:41 GMT
Last-Modified: Mon, 19 Sep 2022 04:06:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

63 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
63 kB (62929 bytes)
Hash
d720d9c7a26941dcca38a469673b2863
4c985e903ece1d84cca14d3dd12166b8e7b6925b
7ed116dc750bcbf3290fbf478332c0208ee4b914b64b44b6e49bccfa417f3014

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdusPm2jdyIAUT0ECrollm2xAG10QWIz94LXxIfVyOca4i4wxOCEczWDzeXGj987_4bNvTc56Vt7JKbD91j6yR5-sks77Djq
x-goog-generation: 1663163967982920
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62929
content-encoding: br
x-goog-hash: crc32c=S62c9A==, md5=1yDZx6JpQdzKOKRpZzsoYw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62929
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 19 Sep 2022 05:40:28 GMT
expires: Mon, 19 Sep 2022 06:40:28 GMT
cache-control: public, max-age=3600,no-transform
age: 673
last-modified: Wed, 14 Sep 2022 13:59:28 GMT
etag: "d720d9c7a26941dcca38a469673b2863"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/img/home-page/coin-3-2.png

172.67.22.147

200 OK

2.2 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2192 bytes)
Hash
c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca

HTTP Headers

GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6609323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e4aa2b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

172.67.22.147

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30552097
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e4aa0b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-3.png

172.67.22.147

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-3.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1807 bytes)
Hash
fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680

HTTP Headers

GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9013086
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e5aadb506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/mega-jackpots.png

172.67.22.147

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/home-page/mega-jackpots.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size
64 kB (63747 bytes)
Hash
b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d

HTTP Headers

GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9006627
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e6ac8b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-1-1.png

172.67.22.147

200 OK

4.3 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-1-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4257 bytes)
Hash
214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0

HTTP Headers

GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30552097
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e6ad1b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-2.png

172.67.22.147

200 OK

2.6 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Size
2.6 kB (2616 bytes)
Hash
bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7

HTTP Headers

GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9008929
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e7ad9b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-1.png

172.67.22.147

200 OK

4.4 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4434 bytes)
Hash
3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6

HTTP Headers

GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30552097
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e7adab506-OSL
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/safeframe

104.21.39.149

200 OK

6.2 kB

URL HTTP/2
scripts.mediamathrdrt.com/safeframe
IP
104.21.39.149:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
6.2 kB (6211 bytes)
Hash
f5c4f4e8e1bdef912d55cf5130486dc6
4a5bed41d72e15872ac2c2f069745c6ac5f07cc7
7b389f1f76ce8a31432b5e6c7f160ab814321d57d3c88615c6666c1fd1709fee

HTTP Headers

GET /safeframe HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 05506960-b201-4ed5-aca4-5eeddbad6f4c
x-download-options: noopen
x-runtime: 0.001949
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGTIM1oi8XXHD%2Be13kCwEl2F1K735eTbWqwLsdQ24mcP3juneXkTOAh5ZV8Nf18KxMrXxoSKhKr8jDwoGquw5d5SoWlphQOM0Nm7euBVxisTb0J5KcXyohdlzHNdij4NSIceZQOhmaW1kPHI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d00d0cef191c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/promotions.png

172.67.22.147

200 OK

21 kB

URL HTTP/2
www.megarush.com/img/benefits/promotions.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21005 bytes)
Hash
0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911

HTTP Headers

GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2128384
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e7adbb506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

172.67.22.147

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
14 kB (13639 bytes)
Hash
83fc06ee1f19c5a22dc6859d2cce184c
2107656bca13d3c5763216c1da565b1796aeafd3
45964bc789aa395399b9b869d2abc9374c44e8bbe859d8c9b9e843ba676271f1

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6609323
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e6abeb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/loyalty.png

172.67.22.147

200 OK

9.7 kB

URL HTTP/2
www.megarush.com/img/benefits/loyalty.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9659 bytes)
Hash
df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8

HTTP Headers

GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9008929
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e7ae0b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/feel-the-rush.png

172.67.22.147

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/home-page/feel-the-rush.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48691 bytes)
Hash
141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2

HTTP Headers

GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30552097
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e8aecb506-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0e19780af6-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/online-gamblers.png

172.67.22.147

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/affiliates/online-gamblers.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14178 bytes)
Hash
9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c

HTTP Headers

GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33777525
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e9b03b506-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/norges-casino.png

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/affiliates/norges-casino.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12111 bytes)
Hash
453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e

HTTP Headers

GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33777525
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e9b04b506-OSL
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.5.73

200 OK

31 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.5.73:0
ASN
#198622 Adform A/S

File type
data
Size
31 kB (30633 bytes)
Hash
14d6e116b4b6a74afe5c22c5a6be524f
185eb6213ad183480fa8a02c30867003d315bd17
c2e9bd2d6c07edfd08136c7839683eacb364c257a772efea3dc44b85af01a329

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx0000000000000ad9f882d-006327f7f0-32334d62-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/games/no_NO.json

104.18.38.157

200 OK

714 kB

URL HTTP/2
megalotto-static.gigmagic.io/games/no_NO.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
714 kB (714008 bytes)
Hash
2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9

HTTP Headers

GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0e09700af6-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

172.67.22.147

200 OK

986 B

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
986 B (986 bytes)
Hash
005f0049326eca8a8992648d19c9d90e
90cccb59b94389203efff18eb1a71573fc84f003
f2f91966e0a3b46e1f16b6f65528f989a316aa0196ce01b82c8b0023051e55e8

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17502396
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0f2bb4b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png

104.18.38.157

200 OK

31 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
31 kB (30644 bytes)
Hash
a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137

HTTP Headers

GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1109199
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12736-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0eb846b518-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-checked-badge-new.svg

172.67.22.147

200 OK

1.1 kB

URL HTTP/2
www.megarush.com/img/icons/mega-checked-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.1 kB (1140 bytes)
Hash
71d3738325628cb04e291d2f128d1745
730137b94babbad99d8303f445c83ce9b7a7ca43
9b6df389bd3f5d311ce6b2a5298c64c59072df1699426291c09fdaf9ecaff9d3

HTTP Headers

GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29014944
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc4eb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

172.67.22.147

200 OK

6.6 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.6 kB (6607 bytes)
Hash
8ef99fb6401d991fde27211c15056748
f1d1444139e906830d1496c5e9ca0db54ca2859c
4ed752c2f845b8548d54e3f2e84ce75ca802cf1d75baee0d9b53f66f14422463

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17502396
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0edb42b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

172.67.22.147

200 OK

79 kB

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
79 kB (79088 bytes)
Hash
deed1829e05d3dc205c2f7fa992745da
2f1d632fff971f3ed6fd8289b574dd47134b4899
050b687b1e42ef1db1c6537826b94b883ecbc9b97bd1abd5b42f17af350d7a6f

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9014367
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0e6ac1b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamblersanonymous.svg

172.67.22.147

200 OK

36 kB

URL HTTP/2
www.megarush.com/img/icons/gamblersanonymous.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35589 bytes)
Hash
32b21357d4a27cd2bd1b5cd480634e7f
9f3533d87c3b5f8cd4113545d4663feef04f8889
b295caaac6af888dd0cf42fca52d54d6fe6d0293f60bfe2ee032585403fe43bc

HTTP Headers

GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6609899
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc5fb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/loader.svg

172.67.22.147

200 OK

56 kB

URL HTTP/2
www.megarush.com/img/icons/loader.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
56 kB (55641 bytes)
Hash
950d23a01c3283566a07bdb7b7e27822
d1ec72df40bc29fd0a9081d0c722f470f7e10fff
9383e55d93b68f5b21b5c42410af39c895fa4977fae4686d67aa9386c5eea9b5

HTTP Headers

GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33776418
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d103cefb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

86 kB

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
86 kB (85673 bytes)
Hash
5578420410365e518c2fba6217a05242
43a4b7a78d035a2de7f98b84e55ba336e806d7e5
e40f4dda70f223efbfc56c3f9914d3003ae45419760efed0fe6b18dd4c7b49f3

HTTP Headers

POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6328035a16817b889dac36d2
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0e99be0af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

172.67.22.147

200 OK

63 kB

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
63 kB (63220 bytes)
Hash
f95099bb263eed289f5b0aed723fef2d
c9c283c661a2bc18792f79414c3cdd3ecbe8cbfa
7a7e4842c83e533ba5600cdd4729010288a4805e97e3e820bf4b072035fcacbd

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33777524
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0f2badb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

25 kB

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type
data
Size
25 kB (24895 bytes)
Hash
9e209159e1fdb200418ec5801699a022
a769b58196bb2658072976443e63b226ef3e5da4
df6d5fd174f4fd3da285c3f4ede325200f487ec93f2ac1d07277ea724d488605

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=7cc2095779f14156bd10dc3769aeac69; path=/; expires=Tue, 19 Sep 2023 05:51:42 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D7cc2095779f14156bd10dc3769aeac69%26device%3Ddesktop; path=/; expires=Tue, 20 Sep 2022 05:51:42 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 99d2585cce4c8b0b
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/half-blue.svg

172.67.22.147

200 OK

464 B

URL HTTP/2
www.megarush.com/img/home-page/glows/half-blue.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
464 B (464 bytes)
Hash
4721a0b8da1bfea8b98c742274843584
2697621cbe27368b7fdb93f36c156f6e90ee5795
529ea89eaa07712af400eff2f2c8dedb56d22a38c0e135de442f1ac7b14a25d5

HTTP Headers

GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29531132
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d109d58b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css

151.101.86.249

200 OK

3.5 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (23516), with no line terminators
Size
3.5 kB (3509 bytes)
Hash
9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 05:51:42 GMT
Age: 4821347
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 28385
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.a00b968f.js

151.101.86.249

200 OK

127 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.a00b968f.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
127 kB (127446 bytes)
Hash
43f080e112739f3efe45e144f5e55f78
3506fa1fd9d294bb8b639480885b989b34c15e9d
e86ed9ef1f49f7dd08c8b2ee3faf3e44dcce4fdb10d1a6775e807c6de5ab0fad

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.a00b968f.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 127446
Last-Modified: Sat, 17 Sep 2022 06:53:13 GMT
ETag: "43f080e112739f3efe45e144f5e55f78"
x-goog-generation: 1663397593658803
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 127446
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 05:51:42 GMT
Age: 168931
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3927
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js

151.101.86.249

200 OK

216 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
216 kB (216461 bytes)
Hash
7e2514e9bc34d8a3de8cad16b3583170
49e70f24621b8939352c100f2ab2285c25e0413f
8507f3301310702977f9f1a095b99cbf0d6f5c0d47f5a56514fe579e72cb16e1

HTTP Headers

GET /cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 216461
Last-Modified: Wed, 14 Sep 2022 19:13:16 GMT
ETag: "7e2514e9bc34d8a3de8cad16b3583170"
x-goog-generation: 1663182795945010
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216461
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 05:51:42 GMT
Age: 383710
X-Served-By: cache-chi-klot8100084-CHI, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 20
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

rs.fullstory.com/rec/page

35.186.194.58

202 Accepted

76 B

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
76 B (76 bytes)
Hash
483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 05:51:42 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5550
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6927
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6927
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6927
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6927
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: bee7087d-6431-457a-8fdc-a9eff7b14afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOAZHcCIAMFTSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279068-4a7d282e1860a131491a4f2d;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EClCCFFn_OCwRqXC7W0g-msDSm1WsTRB5kDJsAQyxIPmIwSQBSbJ9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:01 GMT
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
age: 28481
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13049 bytes)
Hash
04257e82bf07e6a862ce2d4bbdfc068f
7a462e8d05cd56531957436470a1814d982e282b
bbc0f0dd6244934098a0e8bfa34b8e07e8a424e309030c2f07d9e441b6f481ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: bf50bd3a-704b-46ae-901a-4a85fee855b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRHG2fIAMF7tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-5c3b5ab117226b5e50f4e46d;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d5tbg_Q1-142faHRRlYbkQrsFhloxm9eU7vZG9gQVFv7zcycC-hpVA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 08:01:34 GMT
age: 78608
etag: "7a462e8d05cd56531957436470a1814d982e282b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5382 bytes)
Hash
675954666fb740ffa9ac63de5b6ec7a2
372d71d42ba1e17f23f581bd5bba446b642ff194
220d4ec963e30345d7a9ed4a8bc8e0d7583ea030ed56a55b8279c30e0be9b6d4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5382
x-amzn-requestid: c8b36b66-6e3d-496a-93b8-af1d74884a34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAF2moAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-3b00fd0a1d25e6032153099b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TJ-CRmIAS2E_JIXDmnbqeIzihWP5TuHDy7dtML6ekQVPbrfVJ74Hbw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:38 GMT
etag: "372d71d42ba1e17f23f581bd5bba446b642ff194"
content-type: image/jpeg
age: 28684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4878 bytes)
Hash
672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f_oUXd6cq-KWQHisWISSBu2cMNK706Zy8EhLTx1Ij8YVkKYJNpwPjA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 04:20:07 GMT
age: 5495
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6428 bytes)
Hash
893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 28677
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 12:42:49 GMT
age: 61733
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b1afdd4d60e0919725b3e0df36c8f33d
e80d25ca0567d785386cf234be184fc5a0dc30fd
066b60f53acf2e0c7122dbf097586de4017567ab7b206a48701aa366d73f211f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "066B60F53ACF2E0C7122DBF097586DE4017567AB7B206A48701AA366D73F211F"
Last-Modified: Sun, 18 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5062
Expires: Mon, 19 Sep 2022 07:16:04 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b1afdd4d60e0919725b3e0df36c8f33d
e80d25ca0567d785386cf234be184fc5a0dc30fd
066b60f53acf2e0c7122dbf097586de4017567ab7b206a48701aa366d73f211f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "066B60F53ACF2E0C7122DBF097586DE4017567AB7B206A48701AA366D73F211F"
Last-Modified: Sun, 18 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5062
Expires: Mon, 19 Sep 2022 07:16:04 GMT
Date: Mon, 19 Sep 2022 05:51:42 GMT
Connection: keep-alive

graphql.datocms.com/

104.22.3.238

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.3.238:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74d00d14aa0bfabc-OSL
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285

37.157.4.25

200 OK

388 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285
IP
37.157.4.25:0
ASN
#198622 Adform A/S

File type
ASCII text, with CRLF line terminators
Size
388 B (388 bytes)
Hash
b97438bc8d9889adedc246a2c65d1e06
72d4b6f4cba4f0b6627226e8ac7dd78dd1b196a9
d5e56c6180a9b5d7a21a4306784a273d096135e560a9834cea98a41d7b9eda77

HTTP Headers

GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 388
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
54ba6c3cd917d108faacdddf3eb30602
fdd1fd761b0d5fa3000200a8bcbee94619b260bd
9e0ec0b95898ccf1ad3403bc3556bd0efe28bf5a649270c613cd9d43c02a92d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:51:43 GMT
Last-Modified: Mon, 19 Sep 2022 05:19:03 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

109 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
0926fc60e839cfffe44efa6e56425309
34511f39a74c28f9e5159f3a83ee4e08bc436fe0
c14fc39402e0c96cb004041fdf6051d19e7f9da369a547eb8b10849e1c323222

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Mon, 19 Sep 2022 05:51:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

54.230.111.16

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
54.230.111.16:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 19 Sep 2022 05:45:23 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9pgNvKKHp66Hep6kP45k3X4L3teIVh-kXZ-yzXxxGKe7UV_Ww20PsQ==
age: 394
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (90229 bytes)
Hash
b4aadc66b8da3238fb20b3dd8f240c8e
cb36b835f178c859e62ff737a84e2a9fd3657f25
d5dfb35ed7c4010899426b9fe305d7321e2fbc63941f250fb0d380b18982f0eb

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 05:51:43 GMT
Age: 644724
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 11
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285

37.157.4.25

302 Found

84 kB

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285
IP
37.157.4.25:0
ASN
#198622 Adform A/S

File type
data
Size
84 kB (84461 bytes)
Hash
ab71961e656b041ca6f05685de53e132
b1b715e9d2e2158f2b7fd2fde615e4a57ca7e135
9e712f767b7660e7046ae9b315ca4886710865b49f365c6603722a374ff262fa

HTTP Headers

GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=909290564317&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_159B48BAB3484B7EBBDF8895D25E7285
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 19-Oct-2022 05:51:42 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8

151.101.86.248

200 OK

131 kB

URL HTTP/1.1
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size
131 kB (130780 bytes)
Hash
ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111

HTTP Headers

GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 05:51:43 GMT
Age: 1111761
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1680-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000

pxl.qccerttest.com/pixel?r=400125834;fpan=1;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684348;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ogl=

143.204.55.93

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=400125834;fpan=1;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684348;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ogl=
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=400125834;fpan=1;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684348;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 02:11:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZiSW3Vxk7Bbs-W3TlHvURrPBS7I-X1dEgPvc5F7WhoxQ09s5c_TJEw==
age: 13211
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1232676056;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684352;tzo=0;ogl=;ses=390e8f2c-ed30-4fe4-a01b-1e3ad73f0d3d

91.228.74.166

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1232676056;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684352;tzo=0;ogl=;ses=390e8f2c-ed30-4fe4-a01b-1e3ad73f0d3d
IP
91.228.74.166:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1232676056;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1980090150%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_159B48BAB3484B7EBBDF8895D25E7285;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-640284701-1663566684348;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663566684352;tzo=0;ogl=;ses=390e8f2c-ed30-4fe4-a01b-1e3ad73f0d3d HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:43 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6328036f-6b95f-aac35-f7f94; expires=Fri, 20-Oct-2023 05:51:43 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 19 Sep 2022 05:51:43 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 19 Sep 2022 05:51:43 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 05:51:43 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 05:51:43 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.166

200 OK

10 kB

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.166:0
ASN
#16509 AMAZON-02

File type
data
Size
10 kB (10304 bytes)
Hash
5402e620f1cc147837df9421b264cb5c
87f9c1d53005364563c49cf8e0b581fa0c533b34
4e5b73652d8d995efa44d48d01f2c7e7022785152407af8a7075dcb069a8e620

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:43 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Mon, 26 Sep 2022 05:51:43 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

113 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
0595d1095dcb3d8c8b2f69d7e24c5a0f
75ead200683c60edde742c48c5a1e4551718e7d7
3f389c66ad4ed11c3ae5cd1831c12fc88c7bf6067d2cc7ed38c19d8f06f835e8

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 113
date: Mon, 19 Sep 2022 05:51:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 545
server: cloudflare
cf-ray: 74d00d08ec80b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17525122
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0edb35b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

104.18.38.157

200 OK

0 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6328035a16817b889dac36d2
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d0eb9c90af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/ibas.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/ibas.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33777525
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc59b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/iso.fc5b238b.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/iso.fc5b238b.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33777525
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d109d71b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/scripts/b_megarush.js

104.21.39.149

200 OK

0 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
104.21.39.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 5a7263d9-6a21-4b32-9bfb-2b0fe3807ca8
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.007984
expires: 2022-08-20 05:51:41 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB7AGq1ygD4jnDN3sXkCu1vfX9BOtkmurUcq5LFTiS8U8YkI%2F3osYxP2eLeE4JU2%2BDMUpPd9V19BWITVDOGtXLcsBBBwRtqbJVz3dFPXhL0JX3TV5f%2FC8YMMcn%2BuCeJcCbbQ5IA6cO1kDr0%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d00d0c0e6f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/img/icons/jeton--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/jeton--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9013086
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0f5be9b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:41 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9014367
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0f5be7b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/video/header-video-720p.webm

104.18.38.157

206 Partial Content

0 B

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 19 Sep 2022 05:51:43 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Mon, 19 Sep 2022 09:51:43 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74d00d157e090af6-OSL
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/service-worker.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285; _ga=GA1.2.1978893951.1663566683; _gid=GA1.2.834346790.1663566683; _gat_UA-143790984-2=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:43 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Mon, 19 Sep 2022 05:52:13 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d18bf28b506-OSL
X-Firefox-Spdy: h2

track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285

37.157.4.25

200 OK

0 B

URL HTTP/2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285
IP
37.157.4.25:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1980090150&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_159B48BAB3484B7EBBDF8895D25E7285 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-phone-badge-new.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-phone-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29014944
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc4db506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gambleaware18.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gambleaware18.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9006787
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc60b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/onlinedisputeresolution.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/onlinedisputeresolution.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8259297
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fbc58b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/askgamblers.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/askgamblers.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9008930
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d0fcc64b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-2.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/grid-new-2.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:42 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29014034
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d00d109d6fb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-ht8z4; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d00d077b39b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Wed, 14 Sep 2022 16:50:19 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 545
server: cloudflare
cf-ray: 74d00d08ec7bb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/index.3e5fca25e481a764411c.css

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_159B48BAB3484B7EBBDF8895D25E7285
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-ht8z4; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=eae23b5a89ac6f8e293aca5447e917bc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:51:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 545
server: cloudflare
cf-ray: 74d00d08ec7db506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP