Overview

URL telemobile.site/uz/env/nl/
IP194.135.87.27
ASNUAB Interneto vizija
Location Lithuania
Report completed2022-09-29 08:01:42 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 telemobile.site/uz/env/nl/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 whampamp.com Sinkholed
2022-09-29 2 whampamp.com Sinkholed
2022-09-29 2 whampamp.com Sinkholed


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 34.160.144.191
mnemonic passive DNS whampamp.com (3) 30947 2022-03-12 13:52:24 UTC 2022-09-29 06:38:04 UTC 139.45.197.236
mnemonic passive DNS open.spotify.com (1) 3062 2012-06-04 12:41:14 UTC 2022-09-29 07:43:58 UTC 35.186.224.25
mnemonic passive DNS gew4-spclient.spotify.com (1) 0 2022-03-28 13:26:27 UTC 2022-09-29 04:57:26 UTC 35.186.224.17 Domain (spotify.com) ranked at: 187
mnemonic passive DNS pixel.quantserve.com (1) 417 2018-04-06 01:24:19 UTC 2022-09-29 05:07:34 UTC 91.228.74.166
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-29 00:48:38 UTC 172.64.155.188
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29
mnemonic passive DNS eu.can-get-so.me (1) 0 2022-05-24 05:08:11 UTC 2022-09-29 06:33:34 UTC 157.90.33.71 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS apresolve.spotify.com (2) 753 2013-09-30 17:51:11 UTC 2022-09-29 06:54:13 UTC 34.98.74.57
mnemonic passive DNS track.adform.net (3) 3564 2012-05-21 07:01:21 UTC 2022-09-28 21:02:09 UTC 37.157.4.25
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 52.89.255.30
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS scripts.mediamathrdrt.com (1) 273493 2021-06-01 09:41:40 UTC 2022-09-28 19:54:46 UTC 172.67.129.58
mnemonic passive DNS telemobile.site (1) 0 2022-09-15 20:51:37 UTC 2022-09-29 04:53:55 UTC 194.135.87.27 Unknown ranking
mnemonic passive DNS megalotto-img.gigmagic.io (1) 0 2020-11-23 07:59:35 UTC 2022-09-28 19:54:46 UTC 104.18.38.157 Unknown ranking
mnemonic passive DNS rules.quantcount.com (1) 877 2019-05-23 13:36:07 UTC 2022-09-29 05:44:20 UTC 143.204.55.20
mnemonic passive DNS graphql.datocms.com (1) 163121 2018-06-26 13:09:32 UTC 2022-09-28 19:54:48 UTC 172.67.11.48
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS media.megarushaffiliates.com (1) 0 2020-12-30 14:36:06 UTC 2022-09-28 19:54:45 UTC 23.36.79.9 Unknown ranking
mnemonic passive DNS megalotto-static.gigmagic.io (3) 0 2020-11-23 07:59:35 UTC 2022-09-28 19:54:46 UTC 104.18.38.157 Unknown ranking
mnemonic passive DNS edge.fullstory.com (1) 2769 2019-10-31 13:31:26 UTC 2022-09-29 05:16:39 UTC 35.201.112.186
mnemonic passive DNS open.spotifycdn.com (3) 0 2022-06-13 14:04:22 UTC 2022-09-29 04:57:34 UTC 151.101.86.249 Domain (spotifycdn.com) ranked at: 1791
mnemonic passive DNS encore.scdn.co (1) 25928 2020-07-15 14:12:23 UTC 2022-09-29 04:24:28 UTC 151.101.86.248
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS 35.227.234.222 (1) 0 2019-02-15 12:35:24 UTC 2022-06-15 16:40:06 UTC 35.227.234.222 Unknown ranking
mnemonic passive DNS e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-09-29 05:54:54 UTC 23.36.77.32
mnemonic passive DNS pxl.qccerttest.com (1) 0 2022-07-13 14:33:38 UTC 2022-09-29 05:29:59 UTC 143.204.55.81 Unknown ranking
mnemonic passive DNS s2.adform.net (1) 4693 2013-04-18 11:49:52 UTC 2022-09-28 21:02:10 UTC 37.157.5.72
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-29 04:57:31 UTC 139.45.195.8
mnemonic passive DNS www.megarush.com (63) 0 2020-11-23 07:59:35 UTC 2022-09-28 19:54:45 UTC 172.67.22.147 Unknown ranking
mnemonic passive DNS d3mi6d1ao3fzsg.cloudfront.net (1) 0 2021-09-23 06:47:03 UTC 2022-09-28 20:52:00 UTC 54.230.245.125 Unknown ranking
mnemonic passive DNS megalotto-api.gigmagic.io (1) 0 2020-09-09 18:17:35 UTC 2022-09-28 19:54:46 UTC 104.18.38.157 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-29 03:20:00 UTC 142.250.74.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.35
mnemonic passive DNS sentry.io (1) 2743 2016-08-31 05:38:44 UTC 2022-09-29 04:09:24 UTC 35.188.42.15
mnemonic passive DNS secure.quantserve.com (1) 973 2018-05-21 20:36:17 UTC 2022-09-29 05:01:47 UTC 91.228.74.166


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 194.135.87.27

Date UQ / IDS / BL URL IP
2022-09-29 08:36:05 +0000
0 - 0 - 4 telemobile.site/om/env/ooredoo/ 194.135.87.27
2022-09-29 08:01:42 +0000
0 - 0 - 4 telemobile.site/uz/env/nl/ 194.135.87.27
2022-09-29 06:01:21 +0000
0 - 0 - 2 telemobile.site/mx/env/nl/?key=eyJ0aW1lc3RhbX (...) 194.135.87.27
2022-09-28 18:00:50 +0000
0 - 0 - 4 telemobile.site/ph/short/globe/ 194.135.87.27
2022-09-28 08:05:45 +0000
0 - 0 - 4 telemobile.site/bf/env/nl/ 194.135.87.27

Last 5 reports on ASN: UAB Interneto vizija

Date UQ / IDS / BL URL IP
2022-11-26 22:08:19 +0000
0 - 0 - 3 vip1000.site/m/th/s4/ 79.98.29.25
2022-11-26 22:08:06 +0000
0 - 0 - 3 vip1000.site/m/kz/ppt2/ 79.98.29.25
2022-11-26 21:58:58 +0000
0 - 0 - 2 telefonica.site/dz/env/nl/ 79.98.24.35
2022-11-26 21:00:16 +0000
0 - 0 - 3 teletele.website/bd/spin/nl/ 212.237.233.86
2022-11-26 20:57:59 +0000
0 - 0 - 3 televivo.online/mx/arn/1/ 194.135.87.58

Last 5 reports on domain: telemobile.site

Date UQ / IDS / BL URL IP
2022-11-22 18:00:28 +0000
0 - 0 - 1 telemobile.site/uz/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 79.98.28.128
2022-11-22 16:01:00 +0000
0 - 0 - 4 telemobile.site/uz/bx/nl/ 79.98.28.128
2022-11-22 13:18:37 +0000
0 - 0 - 1 telemobile.site/sa/c/b/eg1/mobily/?key=eyJ0aW (...) 79.98.28.128
2022-11-22 02:59:59 +0000
0 - 0 - 5 telemobile.site/sa/prize/mobily/ 79.98.28.128
2022-09-29 08:36:05 +0000
0 - 0 - 4 telemobile.site/om/env/ooredoo/ 194.135.87.27

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-27 04:37:48 +0000
0 - 0 - 5 telemobile.site/mx/bx/telmex 194.135.87.27
2022-09-24 21:00:13 +0000
0 - 0 - 5 safe-guard.site/cl/500/bx/nl 212.237.233.86
2022-09-23 13:10:36 +0000
0 - 0 - 5 telecentrum.site/m/id/ppt1/ 194.135.87.32
2022-09-20 20:58:41 +0000
0 - 0 - 3 telemobile.site/bd/fortune/nl/ 194.135.87.27
2022-09-19 11:42:56 +0000
0 - 0 - 3 telemobile.site/co/bx/nl/ 194.135.87.27


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (130)


Request Response
                                        
                                            GET /uz/env/nl/ HTTP/1.1 
Host: telemobile.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         194.135.87.27
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Thu, 29 Sep 2022 08:01:31 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16274
Expires: Thu, 29 Sep 2022 12:32:45 GMT
Date: Thu, 29 Sep 2022 08:01:31 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 07:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ykCj7SYvSN7TbINVf6pxAeTlloXKJtlSrPmrsMqVlPWyWdT7IIFmbQ==
Age: 2739


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11617
Expires: Thu, 29 Sep 2022 11:15:08 GMT
Date: Thu, 29 Sep 2022 08:01:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 6hP8yAjgw96PFrak2ekTFaMkM8hOCAriLdn4/8NhVzojOObnbhws4cHa9hcJVjV1MzBWCDtMZfQ=
x-amz-request-id: WVVMX078K3MZDZNG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 07:47:51 GMT
age: 820
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /4/5087048?var=ed2 HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:01:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: feb3b4fb7d99be5924547ed054ec50a8
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:01:31 GMT; path=/ oaidts=1664438491; expires=Fri, 29 Sep 2023 08:01:31 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Size:   2925
Md5:    93e16d39c40c1c230b3baeb4a9e784d3
Sha1:   9a9ba32bd98d475b11098b040a64535c5d425e47
Sha256: 50acc64793d3ba89fd33b67b282273440b21ebf10715d6b39cb7e1aa700e65d0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ed2
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491

                                         
                                         139.45.197.236
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:01:31 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 07:29:33 GMT
Expires: Thu, 29 Sep 2022 07:40:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gyQxHMeOsEvxAedtrDFR6tr-PNv1Wf01d93in2Ex851Q2_PSKbDgvA==
Age: 1918


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:01:31 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=339226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752330fd2c83b4ed-OSL

                                        
                                            GET /img.gif?f=merge&userId=905d64afb60e493a979bb84b8414ca77 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:31 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:01:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:01:32 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: ee304844edbb01f10c7652eb8dd70a1c
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=599261068048732427&subid1=5087048&cost=0.001400&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:01:32 GMT; path=/ oaidts=1664438491; expires=Fri, 29 Sep 2023 08:01:32 GMT; path=/ syncedCookie=true; expires=Thu, 06 Oct 2022 08:01:32 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5580
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:01:32 GMT
Last-Modified: Thu, 29 Sep 2022 06:28:32 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CD88033ADD236C06522A2DC45559CBE1667DFE90BA634514E54CDD110F6E80A1"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1795
Expires: Thu, 29 Sep 2022 08:31:27 GMT
Date: Thu, 29 Sep 2022 08:01:32 GMT
Connection: keep-alive

                                        
                                            GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=599261068048732427&subid1=5087048&cost=0.001400&rdk=rk3 HTTP/1.1 
Host: eu.can-get-so.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         157.90.33.71
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:32 GMT
content-length: 0
x-trace: 36ae30d28f759c8fc885ce353cd83750
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=QaoTB6fuRyOxpGotwVKeXA; expires=Fri, 29 Sep 2023 08:01:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1 
Host: 35.227.234.222
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.227.234.222
HTTP/1.1 302 Found
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 29 Sep 2022 08:01:32 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

                                        
                                            GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1 
Host: media.megarushaffiliates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.9
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 29 Sep 2022 08:01:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 29 Sep 2022 08:01:32 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664438492406)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C202292981%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%225332501%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Sat, 29-Sep-3021 08:01:32 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=49
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VBzejF2cBny+gGgRosBP3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.255.30
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wWjEAh0s05ltSjAs001/oXXtmq8=

                                        
                                            GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1499
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 752331029978b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size:   10484
Md5:    d23da8f3e4e37a17c1d3ed7a1a11d429
Sha1:   9dda69da77b703d438db74468375685f6983625d
Sha256: a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
                                        
                                            GET /fonts/Inter-Bold.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1043
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 752331029979b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size:   10508
Md5:    a2517956b299e0c02bfc2a92eb05f623
Sha1:   ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
Sha256: 412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
                                        
                                            GET /fonts/DS-Digital.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1499
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75233102997bb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size:   776
Md5:    789f060683abdb5574a93bf59c7dd2e2
Sha1:   17b677d648dfdc9e290a25e8c137ebb0448c069b
Sha256: 375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
                                        
                                            GET /fonts/Inter-Regular.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1499
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75233102997ab4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size:   10108
Md5:    5ec57a5a91c67095e4a7e91ac375ffb1
Sha1:   23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
Sha256: 9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
                                        
                                            GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:01:32 GMT
expires: Thu, 29 Sep 2022 08:01:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23513)
Size:   50754
Md5:    ac9b764506960199dc6886338992f578
Sha1:   a540387b1c268d4eedbd1183c5652d383b9c64d7
Sha256: 1ea77080b0466aef16eca921d062895355674ac735d8fee92e41de48b534c905
                                        
                                            GET /js/index.94a008e8.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5912
server: cloudflare
cf-ray: 75233102998ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   284146
Md5:    e7fca49df4894d83d9e850f5772ef2b1
Sha1:   c9739387a020ce5f579f8277ed2c13ec6a8ba27d
Sha256: 6f68d17d54846d1d689b6c455d034c3dc3e98e5840e7f9314889966be76b9cda
                                        
                                            GET /favicons/favicon-194x194.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34648636
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 752331053c53b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size:   11668
Md5:    3bc9ecb2b8d9e78d83d49da52c0292fc
Sha1:   b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
Sha256: 9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
                                        
                                            GET /favicons/favicon-16x16.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7482077
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 752331053c55b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   437
Md5:    914b291e561aafc860f86bc23c4065f1
Sha1:   b47bda2b8d530bbaead0fbcba219ac18247d1410
Sha256: 08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
                                        
                                            GET /webpush/1/webpush.min.js HTTP/1.1 
Host: d3mi6d1ao3fzsg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.125
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 16637
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 12:25:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 28 Sep 2022 12:31:11 GMT
ETag: "0b6dcee811e4dbd3facde0dfd24ad746"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WnG85RUDS_kT3c2gKaXqVXJFv6AJO5notvhAAcPx5B7MlOzTibyo8g==
Age: 70223


--- Additional Info ---
Magic:  ASCII text, with very long lines (16636)
Size:   16637
Md5:    0b6dcee811e4dbd3facde0dfd24ad746
Sha1:   b3befb84a716dd2b9eca44fdcc677073f7b794b5
Sha256: 091850353cb7e152319703f06058e815e5b9433c004fe6a7b018e9fde210e74a
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "A7E8C40CE2B4D3E6CC8260B7D24E7982B5FA9B4AA4FA768F18C1B16A53B2C29B"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4937
Expires: Thu, 29 Sep 2022 09:23:50 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=633550da35fb1b55cc5da572 HTTP/1.1 
Host: megalotto-api.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L666HeyReWawMdcT4IcmKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         104.18.38.157
HTTP/1.1 101 Switching Protocols
                                        
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: FMlhxydjW4m3i4Le94dpgEbFNPg=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=34719a151eef5a0d24958f8033c5d960; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752331057f3e0afe-OSL

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "A7E8C40CE2B4D3E6CC8260B7D24E7982B5FA9B4AA4FA768F18C1B16A53B2C29B"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4937
Expires: Thu, 29 Sep 2022 09:23:50 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            GET /translations/no.json HTTP/1.1 
Host: megalotto-static.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.38.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
content-length: 75074
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 28 Sep 2022 12:09:53 GMT
etag: "2d69de376ff11223f8f0bd1f956ab7c1"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 752331062860b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size:   75074
Md5:    2d69de376ff11223f8f0bd1f956ab7c1
Sha1:   7dceb2a94ced1cacda185266fbd803f6ec6e4ee9
Sha256: ae46b86e84e012ae8f281aa68f750684d9c92ba9734ffe771745cf83ce74718e
                                        
                                            POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:01:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 4824
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3987
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:01:33 GMT
Last-Modified: Thu, 29 Sep 2022 06:55:06 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/fs.js HTTP/1.1 
Host: edge.fullstory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.201.112.186
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdtk6wTOR1XCrm92Bc13A3hrFs9bUz1CDv4tLxk_IUNvSOQnz-Hx6UlUn6Y7r9HLt68x-l9iK4qnhxnuqeR6MOUl6SW4FAhr
x-goog-generation: 1663785557634490
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 63203
content-encoding: br
x-goog-hash: crc32c=S3DyuA==, md5=7a3bB8Gsae6s4GGDcXSBIQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 63203
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 29 Sep 2022 07:11:40 GMT
expires: Thu, 29 Sep 2022 08:11:40 GMT
cache-control: public, max-age=3600,no-transform
age: 2993
last-modified: Wed, 21 Sep 2022 18:39:17 GMT
etag: "edaddb07c1ac69eeace0618371748121"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65410)
Size:   63203
Md5:    edaddb07c1ac69eeace0618371748121
Sha1:   d6a2dd58b9b4d56425a1391e0ce2354b85d27b13
Sha256: 2853842ec4546df8fa58052aa6715ea4b8321bbbaea78b32d1682a93b009b44b
                                        
                                            POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:01:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5294
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:01:33 GMT
Last-Modified: Thu, 29 Sep 2022 06:33:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5294
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:01:33 GMT
Last-Modified: Thu, 29 Sep 2022 06:33:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3151
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3151
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3151
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3151
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3151
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 08:01:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 13253
etag: "927d5a375d9607b23caadae148566fdff10147b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9034
Md5:    2054ae778a3079d8233ee33045127df6
Sha1:   927d5a375d9607b23caadae148566fdff10147b1
Sha256: 6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iJqlMznUxlZhvkId6f8cJu8dbVThmd6iLiZxHTATX7TeHm_0vYplDA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:30 GMT
age: 16383
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 
Host: s2.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.157.5.72
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:33 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
x-rgw-object-type: Normal
etag: W/"64271612f9771203ff18d1de033d1b31"
x-amz-request-id: tx0000003753adbfd01dcca-0063355059-3292f8ba-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   39868
Md5:    f7b9c33c2e0661a914b0644311c89c29
Sha1:   3a0c4919cd92d27f23117ab4459de265793c996a
Sha256: bdbfac220723816de3b37ca52c0ff52be7d454100699cf23309434cbacfbdff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 46633
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7859
Md5:    c62a6368c456e9614ca4c8e360a2ef12
Sha1:   35ec6e80d324bb215796c590a7ffafbaea55d88e
Sha256: 90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 53003
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 13253
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9654
Md5:    36ae9444071dd70dcf86802c370ffda9
Sha1:   44cc19b21912d07f82a88af5b2fa6d3e370459bf
Sha256: 99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
                                        
                                            GET /img/home-page/coin-2-4.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31423890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bcb69b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size:   786
Md5:    dca8df1b0d982ac3fbbc6c0b506cc0f2
Sha1:   392422815633ebaf9eef022677f0b73e1352ae66
Sha256: a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
                                        
                                            GET /img/home-page/coin-3-2.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481116
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bdb71b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size:   2192
Md5:    c90348c562ec643acfbdf36d973d8326
Sha1:   90c07f0c13fd06f043d36c223eb9afaa34abdf7c
Sha256: 68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
                                        
                                            GET /img/icons/loader.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 59628
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aea76b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3206
Md5:    535bc36304a1af104a7b0f3587d8cb7d
Sha1:   4f68e524fc182423d81af946eb1309d6133bf90e
Sha256: a9e2095804e8ec4ae88a08d15b4ef8be3e1d4a438a1599902d02985cf30af8e2
                                        
                                            GET /img/benefits/promotions.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3000177
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bebb2b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size:   21005
Md5:    0d9863db2ba8c87a673de9ea91482d5e
Sha1:   daca14014aeb80e137b6682a8c816cdd92639b2c
Sha256: 131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
                                        
                                            GET /img/home-page/coin-1-1.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31423890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310beb96b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size:   4257
Md5:    214e2f889379dcba70bace5878068150
Sha1:   d6873dae324b9fd44a70e73f20dc9eb81253a7ae
Sha256: bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
                                        
                                            GET /img/home-page/coin-3-3.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9884879
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bdb86b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size:   1807
Md5:    fbdad22b02cf9a7a23c2f0553b1459e7
Sha1:   b64101b18924eba076f35318cce3e8a8bdec28b0
Sha256: 7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
                                        
                                            GET /img/home-page/coin-3-1.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31423890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bebadb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size:   4434
Md5:    3da73129d9d4dd65c43060dacf06f3df
Sha1:   9abf4ea9710ba53af92778718c245ddf64c42a5f
Sha256: 6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
                                        
                                            GET /img/benefits/loyalty.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9880722
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bebbdb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size:   9659
Md5:    df4d6dc1ebb3bbbace8d15ec77486d46
Sha1:   287e7185a17258c716cbf616aa95287c0db255a9
Sha256: a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
                                        
                                            GET /img/icons/gambleaware18.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9878578
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aea74b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   64411
Md5:    4b56fe045394256d74e59ad1bc1f425a
Sha1:   7fcb56ce286c9a852e7d53e41af0c5cd621c7bd6
Sha256: 4277b2e812ba419aa91a4f942a8bb874add88bc0bef493cc29055a7efb650ee5
                                        
                                            GET /img/benefits/megaclub.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 10578
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 59629
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bebd0b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size:   10578
Md5:    6a13cb2219f5d42d2a9c95d9104ef8b2
Sha1:   7fcbf688a27942e5fc89d5796144c17095336a41
Sha256: 02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
                                        
                                            GET /img/home-page/coin-2-1.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31423890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310beb9ab4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Size:   3452
Md5:    09e800f81a52a109cbf3a8b2f8e727bf
Sha1:   d44509cdbddce4991b70f10276c47786e9993d0b
Sha256: 8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
                                        
                                            GET /img/icons/casino--side-nav.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18396914
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa1db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   49435
Md5:    af0408f08dabe2a50dce5512609ed0dc
Sha1:   00ce043cd0aa3be64fc29291bc2f6cfdcf2f0607
Sha256: 2848a7b59269460a9f05907b9a86fd785ef7a9661e62304af4e7a983e9da40f6
                                        
                                            GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3148193
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aca45b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12817
Md5:    276d0329416b7b0eed6403322980a689
Sha1:   a6d45e8aeb8004bdded231f032bdfbb29f9d2352
Sha256: c2785d33a2405ad4966c9cb0656055b96ac5a78d6080138039a055ea835b33e6
                                        
                                            GET /img/affiliates/online-gamblers.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649318
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bfbf5b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size:   14178
Md5:    9c612bb3dbe37436b86ec881eecb90c4
Sha1:   45722b1f16d3b61f2803fa3bb78403414bd3a442
Sha256: e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c
                                        
                                            GET /img/icons/mega-phone-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29886735
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aca4ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4955
Md5:    18dc427632d6f43841fdbdff6ec0407e
Sha1:   82033f7d2c1225a8f685ec84f6f357dba1d00fdf
Sha256: 8218bf8fe09b917200bc565da845247e658c3d5d7ab0dfba29b99f759591f057
                                        
                                            GET /img/home-page/smoke-1-medium.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 35333
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: "61656602-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30402897
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310c0c0ab4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Size:   35333
Md5:    109f267221e2cee94514a7efaebd29a9
Sha1:   a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
Sha256: 72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801
                                        
                                            GET /img/icons/flag-nb-no.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada56b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   75401
Md5:    b69aaef14ed7c247f1213388beee81c2
Sha1:   9c684acc850baa2a3983db882f61a3f982f0ca40
Sha256: c1c2326bd11905bd893628118948c381c74444955986dbf9bb492b1d7671448d
                                        
                                            GET /img/icons/ibas.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada66b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   55270
Md5:    8d72a87a8f297b2b2ad29e5514ca65f1
Sha1:   476e72e4687d98173c5d70f96ff8ede3be9d17ca
Sha256: cb4183ec0342570e7b2978e1b585cf4e0031976c8c27a04e2971b4e3391b6794
                                        
                                            GET /img/icons/mega-checked-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29886735
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aca50b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31313
Md5:    6ec1adb2146e0aa48e73ee861a30bc41
Sha1:   d917a2ff433f58d00fc6a1bafdec5ea269a9827b
Sha256: b3bf16a1128617f1b9af6f6b9ffd15e6b2668880b854c99ae8e88d905488c19f
                                        
                                            GET /img/icons/trustly--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9886159
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba3db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /img/icons/megaclub--updated.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9886467
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa26b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1 
Host: megalotto-img.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         104.18.38.157
HTTP/2 200 OK
content-type: image/avif
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 83745
last-modified: Mon, 12 Sep 2022 22:56:53 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 5600ea53cb2bd76c49069c9948d9eafca3a48e23
x-imgix-render-farm: 01.560
age: 1415080
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10061-SJC, cache-ams12751-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7523310bfc30b50c-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   83745
Md5:    bedc100c06fb83e57bdb6d2f42747b20
Sha1:   833f812570395944549808e657831b895ef6409e
Sha256: b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1
                                        
                                            GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1 
Host: open.spotifycdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.249
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 29 Sep 2022 08:01:34 GMT
Age: 5693139
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1652-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 37550
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  ASCII text, with very long lines (23516), with no line terminators
Size:   3509
Md5:    9d04a5c053836e9cdaaed792e0e6a744
Sha1:   95a0d88c66706407a87daf0b82296ef68ea01444
Sha256: 7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c
                                        
                                            GET /cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js HTTP/1.1 
Host: open.spotifycdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 216408
Last-Modified: Fri, 23 Sep 2022 13:58:28 GMT
ETag: "6cfb055add86ca9eaec1ea804e296841"
x-goog-generation: 1663941508891823
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216408
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 29 Sep 2022 08:01:34 GMT
Age: 496771
X-Served-By: cache-chi-klot8100040-CHI, cache-bma1634-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 378
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   216408
Md5:    6cfb055add86ca9eaec1ea804e296841
Sha1:   2428216fd79584b06b3ff68babf3af39ac66bd60
Sha256: 771e7bc985b7d1826034161d255037b8ecdb3d693379ade56e24664712d7d3c8
                                        
                                            GET /games/no_NO.json HTTP/1.1 
Host: megalotto-static.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         104.18.38.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7523310bcf34b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   714008
Md5:    2b8d7eb8d9f56918e231833888a022c4
Sha1:   38aa421f60d49dc4f204d473c435e34529e2e9e8
Sha256: b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
                                        
                                            GET /video/arcade-game.webm HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/; webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/; geoip_country=no; Domain=www.megarush.com; Path=/; LanguageCode=nb-no; Domain=www.megarush.com; Path=/; app_uid=CoAHdGM1UN5aRAAsB2euAg==; expires=Sat, 29-Oct-22 08:01:34 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310c7c98b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   61172
Md5:    9aaef915ba1a5046a92ef8dfcc58cdba
Sha1:   c25acbf957571a53c4ca7cc5a910757e4cfffd66
Sha256: 565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
                                        
                                            GET /img/icons/askgamblers.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9880721
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aea75b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8986
Md5:    54bdbb5915e816be3165a6cdb2dec3c5
Sha1:   627642bae04def2d8bccab31d98566d64fc3022d
Sha256: e2e386049f9c69a5854bb9674d728f8042104603021a3112517cfe86fd11625e
                                        
                                            GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1 
Host: open.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.186.224.25
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
vary: Accept-Encoding
set-cookie: sp_t=3c54340dc90ff5df44929c69f6a89bc4; path=/; expires=Fri, 29 Sep 2023 08:01:33 GMT; domain=.spotify.com; samesite=none; secure sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D3c54340dc90ff5df44929c69f6a89bc4%26device%3Ddesktop; path=/; expires=Fri, 30 Sep 2022 08:01:33 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: c6b74201bc8deb69
x-envoy-upstream-service-time: 6
server: envoy
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25336
Md5:    dedf893babecfee408d412433c955b13
Sha1:   341147f58e9777a916c1cfe5c97c704f07127681
Sha256: ae1490d9e8650545d63ba83bceb6cde39c6d385d92e473a0faec1188e778afe0
                                        
                                            GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1 
Host: encore.scdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.248
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Thu, 29 Sep 2022 08:01:34 GMT
Age: 805265
X-Served-By: cache-chi-klot8100099-CHI, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 9
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  data
Size:   84865
Md5:    29e838b343bcec72c5bf62fa78885d66
Sha1:   ca6db337998d924a52417dee70f9188c82143209
Sha256: ad2d4f32723c6f5a6a90f31e251cd38e42aa65afa3863bd3cbcb3f7e71366633
                                        
                                            GET /?type=dealer&type=spclient HTTP/1.1 
Host: apresolve.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         34.98.74.57
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Thu, 29 Sep 2022 08:01:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   109
Md5:    4866049703dfcda251bdee5d9cf8e192
Sha1:   ee1f20de91879f21dbaee0412cb410a41a487f33
Sha256: 91b13f5ddaf90d016651ff661f9a325cf7922da7326d5e630f359a4e0e65d03a
                                        
                                            GET /img/icons/onlinedisputeresolution.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9131088
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada5fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   92162
Md5:    464e9f9a07c4d67a9e5c33a5afbab2c0
Sha1:   46b078af64e6bc0b8a8eb7397695682deba698e6
Sha256: 6eb554764c3a6679409e19142230baa9f861d2f86ac9bf6238e3a888ec24e7d0
                                        
                                            GET /img/home-page/glows/purple.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481115
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310c0c09b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   131178
Md5:    24f03c6181286c152c1b043af0eedac3
Sha1:   0db5fdca62b8b97048f579206070dd91a95c634a
Sha256: e512ec494677cbf448bb140785a25e901399ec44c241778e7de3e67aaadca224
                                        
                                            GET /img/icons/promotions--updated.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9880721
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa27b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F7D736150F5B679E263F4FB17E384924235B5D6975F7CB0248723C98985385F"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5509
Expires: Thu, 29 Sep 2022 09:33:23 GMT
Date: Thu, 29 Sep 2022 08:01:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F2D1CB5783129E3000A6306EB5C8722358B341480D14AE5CDB04F5289A890E46"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 29 Sep 2022 09:39:01 GMT
Date: Thu, 29 Sep 2022 08:01:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F2D1CB5783129E3000A6306EB5C8722358B341480D14AE5CDB04F5289A890E46"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 29 Sep 2022 09:39:01 GMT
Date: Thu, 29 Sep 2022 08:01:34 GMT
Connection: keep-alive

                                        
                                            GET /img/icons/mga.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9884877
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada5ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1498)
Size:   1290
Md5:    78845582e9c930815edf6a605ccedda5
Sha1:   88009c18d7ebd50ad8bfafd371e67cb741c8e6b7
Sha256: 980ed3ae4a40c77bf63d5f26bcf4d37d5776708e79d1a495cc13118f944f27b3
                                        
                                            GET /img/icons/mastercard--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba39b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2136)
Size:   959
Md5:    9fecd7f6fa5e4fc7798c72d38614b3bc
Sha1:   cf705a27878f71c30d4852a7b8dba1786e2827fa
Sha256: cfd28c1229048c4685ea2bae6887309f9773f8536c18aedc92bb950fa8acdd73
                                        
                                            GET /img/icons/promotions--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18374188
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba31b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (387)
Size:   283
Md5:    b06b6ccea1b64004010ed281ae5abe3f
Sha1:   ada795e3b5e5d47ff6e5480da3edd30ace6033fa
Sha256: d905a99899b8f11d5969893171b4ce2d975f1551fcf8202c3479e1f31a754950
                                        
                                            GET /img/icons/search.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba34b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: graphql.datocms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         172.67.11.48
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:01:35 GMT
cf-ray: 75233111b8c31bfe-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 2001702
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 5
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1630-BMA
x-timer: S1664438495.018107,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4124), with no line terminators
Size:   732
Md5:    a1805f2989ef9bae1355f71348f1eb36
Sha1:   5fe06fa6b2bb5077a4ea88e93c838e703f4d268c
Sha256: 80ad3fb6b5a393c61882a483cf5194322a3b6829829d902e9b21a4a65063bdb6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F7D736150F5B679E263F4FB17E384924235B5D6975F7CB0248723C98985385F"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5508
Expires: Thu, 29 Sep 2022 09:33:23 GMT
Date: Thu, 29 Sep 2022 08:01:35 GMT
Connection: keep-alive

                                        
                                            GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=524641426200&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_B75AA88F632B4D9FA5397ACC744093A0&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         37.157.4.25
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:35 GMT
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   389
Md5:    042b873879fe3bf9542a5d74eee61ea5
Sha1:   55b35f5133c2c2e524f02f85ef151109ffc35713
Sha256: e9f87bb8805274c3eed1ffdda7e049263ff0eb2f0e0dc184094bec0daf03d2d9
                                        
                                            POST /gabo-receiver-service/public/v3/events HTTP/1.1 
Host: gew4-spclient.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         35.186.224.17
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 29 Sep 2022 08:01:35 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   39
Md5:    f204785b49c504e43101096fd3a80e31
Sha1:   e92466090f918c8f9c11268c9d0027fe269a90b6
Sha256: 873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
                                        
                                            GET /img/home-page/grid-new-1.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9884879
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310c0c10b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5620
Md5:    a001883e899603d2f9f09376c7e815f2
Sha1:   3dd79e23d62480932fddcb11d8408e2b15babf7c
Sha256: 6dd90a832984be59ec872ac80d4048e95d059085adff206de246f08ad723c87a
                                        
                                            POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1 
Host: sentry.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.188.42.15
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:01:35 GMT
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /video/header-video-720p.webm HTTP/1.1 
Host: megalotto-static.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         104.18.38.157
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Thu, 29 Sep 2022 08:01:35 GMT
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Thu, 29 Sep 2022 12:01:35 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 752331119e42b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   1336865
Md5:    63177b286fe4cb8a5431377710ad3715
Sha1:   e762daea246c011e634a226f6062a9a27a344f80
Sha256: ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
                                        
                                            GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1 
Host: rules.quantcount.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.20
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Thu, 29 Sep 2022 07:13:53 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XeqUdZgb0MdJ5pglNU4xmxC7F4SlKxiTu0B_QwOPs21bYteIFI03BA==
age: 2863
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   271
Md5:    34e255255d25312b08a2cc8566b5bf38
Sha1:   56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
Sha256: 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
                                        
                                            GET /pixel?r=1594462632;fpan=1;fpa=P0-1483035071-1664438492619;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664438492618;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1333776041%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_B75AA88F632B4D9FA5397ACC744093A0;ogl= HTTP/1.1 
Host: pxl.qccerttest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.81
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 02:01:57 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3WMm3ZE1t70ovBMiLVWqrYFUAAy41fQdsk26L8nNUMlY7NsgcouvWw==
age: 21579
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    55d25e9dc950d5db4d53a3b195c046c6
Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981
Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
                                        
                                            GET /pixel;r=1970418441;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1333776041%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_B75AA88F632B4D9FA5397ACC744093A0;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1483035071-1664438492619;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664438492620;tzo=0;ogl=;ses=d2dd51f6-dbae-43d9-85bb-f4cab78b9508 HTTP/1.1 
Host: pixel.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         91.228.74.166
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 08:01:35 GMT
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=633550df-65893-191da-c665f; expires=Mon, 30-Oct-2023 08:01:35 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    55d25e9dc950d5db4d53a3b195c046c6
Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981
Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
                                        
                                            GET /?type=dealer&type=spclient HTTP/1.1 
Host: apresolve.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         34.98.74.57
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 113
date: Thu, 29 Sep 2022 08:01:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   113
Md5:    d1b6b84ad50a0ace09dd208a3978cd09
Sha1:   f8afda9a0a5037d5625e7cbb0ba1326770c6d0dc
Sha256: 11b53b79683e86bdfc624a3502ee2cb873d7101f604fdd47713afc590ee632e4
                                        
                                            GET /img/icons/mega-clock-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9874202
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada52b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/live-casino--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba30b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/gamcare.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada6ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/; webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/; geoip_country=no; Domain=www.megarush.com; Path=/; LanguageCode=nb-no; Domain=www.megarush.com; Path=/; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75233101f8bab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/live-casino--yellow.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18374188
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa24b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/astropaycard--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481690
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba3ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/menu.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16656075
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba36b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/gamblersanonymous.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481690
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada6db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=524641426200&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_B75AA88F632B4D9FA5397ACC744093A0&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

                                         
                                         37.157.4.25
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:34 GMT
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=524641426200&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_B75AA88F632B4D9FA5397ACC744093A0&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sat, 29-Oct-2022 08:01:34 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /chunk-vendors.76e8e4d0.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5352
server: cloudflare
cf-ray: 752331029981b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/chunk-vendors.25e1a372.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7143
server: cloudflare
cf-ray: 752331029989b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/relaxGaming.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481115
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa0fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn/build/embed-legacy/embed-legacy.0dabba36.js HTTP/1.1 
Host: open.spotifycdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 128598
Last-Modified: Thu, 29 Sep 2022 07:45:35 GMT
ETag: "0a0b7a96e23cac927157fb8e4d438d81"
x-goog-generation: 1664437535512880
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 128598
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 29 Sep 2022 08:01:34 GMT
Age: 686
X-Served-By: cache-chi-klot8100085-CHI, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 15
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000


--- Additional Info ---
                                        
                                            GET /img/icons/help-round.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba2db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /quant.js HTTP/1.1 
Host: secure.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.228.74.166
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 08:01:35 GMT
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Thu, 06 Oct 2022 08:01:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/playAndGo.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31423720
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310a9a08b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/games--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba2eb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/jeton--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9884878
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aca40b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/visa--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34649316
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba38b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1333776041&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_B75AA88F632B4D9FA5397ACC744093A0 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         37.157.4.25
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:01:35 GMT
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/logo.113ce962.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-cf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9880722
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310bfbfdb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /base.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3888
server: cloudflare
cf-ray: 75233102997fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/payments.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9884878
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aba2cb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/begambleaware.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 59628
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310ada68b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /index.3e5fca25e481a764411c.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 29 Sep 2022 08:01:32 GMT
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7143
server: cloudflare
cf-ray: 752331029984b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /service-worker.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Thu, 29 Sep 2022 08:02:03 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 752331058ca0b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /scripts/b_megarush.js HTTP/1.1 
Host: scripts.mediamathrdrt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.129.58
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 6c8845e0-8b04-40cc-90ea-19bf588e2ea5
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.006136
expires: 2022-08-30 08:01:33 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBUqwp1hAxjv9oy%2BZJnLa1SGpSWWKAdWDeaxleGv94AxDY9ave5Md6Y4jYobjQ7oo%2BjDo8lDz%2FvpD1Hq1xMA0R6q%2BNkKj4ivZ6BRtAOvN9B07dfsfYqus%2Brm5jaqvtprvoHXi5%2BuIfjoON71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75233105df1e1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/netent.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9886159
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa12b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/pragmaticPlay.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_B75AA88F632B4D9FA5397ACC744093A0
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:33 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9717512
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310aaa18b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/palms.1f322dbc.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_B75AA88F632B4D9FA5397ACC744093A0; _ga=GA1.2.1540120494.1664438491; _gid=GA1.2.1988678553.1664438491; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         172.67.22.147
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 08:01:34 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7481690
vary: Accept-Encoding
server: cloudflare
cf-ray: 7523310c3c42b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---