safe-guard.site/mx/env/totalplay/
212.237.233.86302 Found 0 B URL HTTP/1.1 safe-guard.site/mx/env/totalplay/
IP 212.237.233.86:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /mx/env/totalplay/ HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 24 Sep 2022 21:40:11 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sat, 24 Sep 2022 21:40:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C_m75ai0FgS2j14vVn6_mWpejeUyyKCvnZ-VeIB0521yuYMs3ZVfQg==
age: 61497
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
13.224.132.44200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.132.44:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 21:05:47 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcd40a2316c5562d7412ab736bca3a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: KZRrq-e8BBdqJA9Q61SFDwiDIKHIj1ATxLryFz_SpME-YkKHALkXOg==
Age: 2064
whampamp.com/4/5087048?var=ag2
139.45.197.236200 OK 7.1 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ag2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Hash 109afc458a3f2441d4e5381819876882
b75fbd219e668b833baee8788538a53c4abe389f
c7d1313b749a1f5e1a593fc0c87fde25af2fb21291325ba43d9bf67cdf248a14
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ag2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 21:40:11 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 123f3b36088a5bd9b381b881e02f4bc9
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:11 GMT; path=/
oaidts=1664055611; expires=Sun, 24 Sep 2023 21:40:11 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 21:40:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f29a678b472b135eeec39af31d5114dc
3081b9afbbad4b726fc48a7b78255ee1081b7135
0a1f4757bf58c7492ce995087886375fb50f0872e626b5bd5d8749cb13b5f95d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:52:35 GMT
Expires: Thu, 29 Sep 2022 16:52:34 GMT
Etag: "3081b9afbbad4b726fc48a7b78255ee1081b7135"
Cache-Control: max-age=414142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead56bc5cb521-OSL
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=419708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead56a936b52d-OSL
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=282e2a4887654424a1ec6b443d340827; oaidts=1664055611
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 24 Sep 2022 21:40:12 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 21:40:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.132.44200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.132.44:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 21:20:46 GMT
Expires: Sat, 24 Sep 2022 21:55:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: IsUNOo0XOptXiqaqZYQD10E3iQBHAW5f0G0l34TxeY-gbUUmXz7r8Q==
Age: 1166
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=282e2a4887654424a1ec6b443d340827; oaidts=1664055611
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 1a4883a3ab7c361c5c20eb77c9858abf
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:12 GMT; path=/
oaidts=1664055611; expires=Sun, 24 Sep 2023 21:40:12 GMT; path=/
syncedCookie=true; expires=Sat, 01 Oct 2022 21:40:12 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:12 GMT
Last-Modified: Sat, 24 Sep 2022 21:25:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb4c7699a20964e546d9587c832dea8a
6ae6ec864620166d3c71921ea03fe2dc2f713375
04d8d473fd14d64a80b1fadaa049f2f758cdc7a3db74d4f4892ade68a5b68f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04D8D473FD14D64A80B1FADAA049F2F758CDC7A3DB74D4F4892ADE68A5B68F24"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16932
Expires: Sun, 25 Sep 2022 02:22:24 GMT
Date: Sat, 24 Sep 2022 21:40:12 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3
157.90.33.78302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3
IP 157.90.33.78:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 21:40:12 GMT
content-length: 0
x-trace: 166862826ffa096d484f12ebac7a4eb1
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=WLDw6wfrQV2hMme6Onmpfw; expires=Sun, 24 Sep 2023 21:40:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
push.services.mozilla.com/
35.162.203.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.203.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RnSL8AAH25CrZUHKIXIgcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uAX/TRsVjB5GlUKd8CPGHkhMZfE=
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
23.36.79.9301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 24 Sep 2022 21:40:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 21:40:12 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664055612788)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229242140%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%225117917%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Mon, 24-Sep-3021 21:40:12 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=100
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3144f1238bfc47b688919ec2fb2f1d9a
06a32006bbb1e0f1c44bba6c86c01fe8b6c7e83e
d6010e4a702073c58b5db4014bef15694f2e550dcb261b6e7c508ec29bfbc388
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:12 GMT
Server: ECS (amb/6B9B)
Content-Length: 280
www.megarush.com/fonts/Inter-Regular.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Regular.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Hash 5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdb0b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/DS-Digital.woff2
172.67.22.147200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3793
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdb1b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-ExtraBold.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-ExtraBold.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Hash d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdaeb524-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdafb524-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
142.250.74.72200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP 142.250.74.72:0
File type ASCII text, with very long lines (23513)
Hash 49b2c023ca480e3e741b261fe661817f
bbf1636c7e2ddd24e0f0098187ac66906eb4cbe5
2ec5efea39f79acad275d2a1c351dd9126d62b526a7962696bb50b25d4dd593c
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:13 GMT
expires: Sat, 24 Sep 2022 21:40:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7742a05d973f02cf3432d34b2a3a5624
ecb79d116cb857b82c184e8444d7e046ee47029b
d88363206be929a01659c67bc1f86913b9b14039ae509fa14545263d6d2b50c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D88363206BE929A01659C67BC1F86913B9B14039AE509FA14545263D6D2B50C1"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sat, 24 Sep 2022 22:23:02 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7742a05d973f02cf3432d34b2a3a5624
ecb79d116cb857b82c184e8444d7e046ee47029b
d88363206be929a01659c67bc1f86913b9b14039ae509fa14545263d6d2b50c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D88363206BE929A01659C67BC1F86913B9B14039AE509FA14545263D6D2B50C1"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sat, 24 Sep 2022 22:23:02 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive
www.megarush.com/js/chunk-vendors.25e1a372.js
172.67.22.147200 OK 106 kB URL HTTP/2 www.megarush.com/js/chunk-vendors.25e1a372.js
IP 172.67.22.147:0
Size 106 kB (106019 bytes)
Hash 1664356370dc417876eaa3ccd2e0b948
63286c5d2002be68cefc19695c6fe571a1b738c4
bae847efae39616cf19c9eca913a511f019b4a102928628aed6c65ee4c12af36
GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6527
server: cloudflare
cf-ray: 74fead5dbdb6b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/index.3e5fca25e481a764411c.css
172.67.22.147200 OK 45 kB URL HTTP/2 www.megarush.com/index.3e5fca25e481a764411c.css
IP 172.67.22.147:0
Hash 10a62f5837cacce52a81afc5bbbadbc1
2a39bcc43a2d23799fc979122423a9043f24ed9a
cd2a3e2a105a6e3501b16b4d69a79a042abdb79b82953ea8a44f81d2537f67eb
GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6472
server: cloudflare
cf-ray: 74fead5dbdb5b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 20:41:09 GMT
expires: Sat, 24 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3544
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
172.67.22.147200 OK 3.2 kB URL HTTP/2 www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
IP 172.67.22.147:0
Hash 0485a6d584d42e8b42370f876bd1a4c0
27e0e55c76be790cab7766576153382adfb2faf3
63f64a6b5971e0d51df0dffce85830a14ced91c015de575b1637a7c2e05265c3
GET /nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead5d3d13b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
108.156.13.178200 OK 16 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP 108.156.13.178:0
File type ASCII text, with very long lines (16536)
Hash 9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a
GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 11:24:13 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 14b5d848e0a4cab1de054891ea1e787c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL51-P1
X-Amz-Cf-Id: 9xxc3DMAuZj0eAUQ0onjZiM_0qz8ZtefSZViofKV9PrNx7PAaLMrgA==
Age: 36961
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0a857ec357c4926f2ff239f9a31bb9bb
a5a58af0cbec26484ecc20b0a77abfd9793afa23
286f60e4d1f4321e2541bc84299afd02a2729bd3f97c7af719dd1c7fc2e9b773
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Last-Modified: Sat, 24 Sep 2022 20:29:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.megarush.com/base.css
172.67.22.147200 OK 65 kB URL HTTP/2 www.megarush.com/base.css
IP 172.67.22.147:0
Hash 18996a1a3024dd09903d85c22a5cd46e
ce06f244696433f43ef34303058e6c9dbe5d494e
c3098b418fb4b9f7389c4f22ccec8906ed6997401d899c1b61398980853df7a6
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6263
server: cloudflare
cf-ray: 74fead5dbdb2b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612>m=2wg9l0K4GPX49&z=2006441161
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612>m=2wg9l0K4GPX49&z=2006441161
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612>m=2wg9l0K4GPX49&z=2006441161 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sat, 24 Sep 2022 12:50:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 31789
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1>m=2wg9l0K4GPX49&z=1767156809
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1>m=2wg9l0K4GPX49&z=1767156809
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1>m=2wg9l0K4GPX49&z=1767156809 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.megarush.com
date: Sat, 24 Sep 2022 21:40:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c
104.18.38.157101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c
IP 104.18.38.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GHrHB7xUt9I7lCvbJpbsmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: GU2o4why2ySQPwjyKSMdbX68ROQ=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead613f06b518-OSL
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 82db53eefc48dfca8cb998427a0bcc8e
7174a3d479ad51c7a0acac5a804cadbd1b0c16d8
b7f270699334895cd526e18412d366dcb647492e03cef6f1f3f76b41e0841bca
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megalotto-static.gigmagic.io/translations/no.json
172.64.149.99200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 172.64.149.99:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead620ef6fab8-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6929
Expires: Sat, 24 Sep 2022 23:35:42 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=e8751e5421811b1fce445d4dd9bfadea; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead637ff2fab8-OSL
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 76 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash 483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 377
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 21:40:13 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 85945
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
172.67.22.147200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 172.67.22.147:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d78b524-OSL
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=ec165fe678b48342d2debd4134e1852b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead63f84efab8-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 85398
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-2.png
172.67.22.147200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 172.67.22.147:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d7cb524-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 85658
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
172.67.22.147200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 172.67.22.147:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9501999
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d7eb524-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 85266
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6928
Expires: Sat, 24 Sep 2022 23:35:42 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 62856
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
172.67.22.147200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 172.67.22.147:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9495540
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645da8b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
172.67.22.147200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 172.67.22.147:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645daeb524-OSL
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/games/no_NO.json
172.64.149.99200 OK 714 kB URL HTTP/2 megalotto-static.gigmagic.io/games/no_NO.json
IP 172.64.149.99:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 714 kB (714008 bytes)
Hash 2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead637feefab8-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 85584
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-1-1.png
172.67.22.147200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 172.67.22.147:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645dadb524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-2.png
172.67.22.147200 OK 2.6 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-2.png
IP 172.67.22.147:0
File type PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Hash bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7
GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645db0b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
172.67.22.147200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 172.67.22.147:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead646db6b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/promotions.png
172.67.22.147200 OK 21 kB URL HTTP/2 www.megarush.com/img/benefits/promotions.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2617297
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64adefb524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/loyalty.png
172.67.22.147200 OK 9.7 kB URL HTTP/2 www.megarush.com/img/benefits/loyalty.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64adfdb524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/megaclub.png
172.67.22.147200 OK 11 kB URL HTTP/2 www.megarush.com/img/benefits/megaclub.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash 6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2722820
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64ae07b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/feel-the-rush.png
172.67.22.147200 OK 49 kB URL HTTP/2 www.megarush.com/img/home-page/feel-the-rush.png
IP 172.67.22.147:0
File type PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Hash 141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64ae0db524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
172.67.22.147200 OK 21 kB URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 172.67.22.147:0
Hash 7fe331ae716b8d350d03bd6dbc5b034b
f85525d62222dbd204319fbfc9dcdd94f2e66deb
910426337e4e5157f1802c2041ee67231cc9c4f26c45b4aac4ac3214e8a85201
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503280
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d9bb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/online-gamblers.png
172.67.22.147200 OK 14 kB URL HTTP/2 www.megarush.com/img/affiliates/online-gamblers.png
IP 172.67.22.147:0
File type PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c
GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266438
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead659f34b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/norges-casino.png
172.67.22.147200 OK 12 kB URL HTTP/2 www.megarush.com/img/affiliates/norges-casino.png
IP 172.67.22.147:0
File type PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Hash 453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266438
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65af5cb524-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c642fd2431f428b56a0b4dc797518e1
9642d1602fa7f92b341d90fe2279e03ba7010993
3317c90690b614384073a3552a5b7a0b8378943e54c910539a01c1b42d9dfe8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:14 GMT
Last-Modified: Sat, 24 Sep 2022 21:08:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.megarush.com/img/icons/promotions--updated.svg
172.67.22.147200 OK 1.2 kB URL HTTP/2 www.megarush.com/img/icons/promotions--updated.svg
IP 172.67.22.147:0
Hash 5f928553fd7d8fc9e03feb8f2c8aafcb
3f6eb219746f65b9dc14e9701e6366e818664e10
69102dadc45f6bf32576c9b2942152bde602bf63c89b36de8274597dc75f1674
GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcbb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
172.67.22.147200 OK 7.4 kB URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 172.67.22.147:0
Hash f46a365cf1504bb02ad978368cf9487d
5cb9fbec22a0c09eef3a3dfe5256c5564da65262
a3d4d6a3d2f8dd9a791bc2176e1ee48cb35c2385f149041348319ebb1c5ee56b
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098236
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d93b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gambleaware18.svg
172.67.22.147200 OK 36 kB URL HTTP/2 www.megarush.com/img/icons/gambleaware18.svg
IP 172.67.22.147:0
Hash 7e4b5fe48b2cafe829299e87d33e81a7
d81e65b0f15278b8c4c3208b903c06cd8f5055d9
f5db1a9a7ad6a69677db033e307bb77818692449f6d0050cbac648184c830f07
GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9495699
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead663870b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--flat.svg
172.67.22.147200 OK 77 kB URL HTTP/2 www.megarush.com/img/icons/live-casino--flat.svg
IP 172.67.22.147:0
Hash 7be0bf9c1e2b835f789abc610a853a53
f05a0c05d3a2a48aff0363b1324ded9253816c76
3b1f29db7a31dc759d5c36eb1aff374325c0f29bbe5741db59419fd9bfc9731a
GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcfb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/question-mark-1.d872b1da.png
172.67.22.147200 OK 54 kB URL HTTP/2 www.megarush.com/img/question-mark-1.d872b1da.png
IP 172.67.22.147:0
File type PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Hash d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96
GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8633951
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead66d933b524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
172.67.22.147200 OK 84 kB URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 172.67.22.147:0
Hash cae16df593c0cf932a6ee609c1a5209c
1665d7926975b32ab032222889c23091c7c86007
a233b9b204f493a30cacb69329a8b2b501ba569485d9285d88a861b3401ec8a8
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18014035
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65bf5eb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
172.67.22.147200 OK 64 kB URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 172.67.22.147:0
Hash 5ec1558b231784a44451ad3503781be8
d423f92c9af4f9e6e8b472ba5f88617f6dc2fe64
3e8569e062ca18c64f78aa9f7285cc5cdbc5acb16b1cc36e10077713597af587
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17991309
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efc7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/payments.svg
172.67.22.147200 OK 11 kB URL HTTP/2 www.megarush.com/img/icons/payments.svg
IP 172.67.22.147:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (13268), with CRLF, LF line terminators
Hash 034f34b43ce2424bd9c0ee32df2082a9
e0a7f481de97e4a68fcecfc0f5262b5c3bd703b7
6c33602c2140dde4938d23891faa68d15e7ce040798af0ece671718ae10c7c61
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9501999
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efccb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/half-blue.svg
172.67.22.147200 OK 3.9 kB URL HTTP/2 www.megarush.com/img/home-page/glows/half-blue.svg
IP 172.67.22.147:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Hash 156bc80e585b13d85f7aad8605a04c60
b4e92c4adf151fdb8505896f282fbbc0ae73a00d
86da854b7bc94a58c4ff23e74f08da51cf0ad56afc1b0eb3b84e3766fe4569e0
GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30020044
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead66c927b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
172.67.22.147200 OK 131 kB URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 172.67.22.147:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (59601)
Size 131 kB (131146 bytes)
Hash 0649eb26d67fe3e1cc9186f6d87b12a3
b639925c31f4cb8c7e4be05681abe961d9b75be2
a339d1525588c4009be7e20d83c46e31b20de855aa2b63c78e355b90e1358ba6
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31040841
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d91b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/search.svg
172.67.22.147200 OK 217 kB URL HTTP/2 www.megarush.com/img/icons/search.svg
IP 172.67.22.147:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (64409)
Size 217 kB (217083 bytes)
Hash 9126e58a3fbcb4b4b6509e188e1353cc
1b4a07e08b027ae39b6a0d72ca76da43b403f398
55f37949660ac1898fbb4fd917a7f2b815b5c3dd69f361e58e59ae90338afc7d
GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd3b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/trustly--white.svg
172.67.22.147200 OK 1.2 kB URL HTTP/2 www.megarush.com/img/icons/trustly--white.svg
IP 172.67.22.147:0
Hash 84f88308ae10fb8a353d188607dda56e
ab7a8af71d1a256e6306a7b9bfeedfb24d5eaf0c
a935c84d3b457b348921d99c300e1ab952883799bcc94b6389e6b39924de6caa
GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503280
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f803b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
172.67.22.147200 OK 6.2 kB URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 172.67.22.147:0
Hash ee13cf7b4fcfa8cc6f861adc060c6ba3
f8c870c9ef74ef5cb106858ba16892f2c74c3909
60d5302ea8c5c4c3dbb95a555199239ea77787fb673b91eac0be974ada7dd412
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efceb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 2.3 kB URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
Hash 0d1bb65918f27e42716e8e42899b358b
bb4aa211c084894d9d3566bb587476e367047b51
75ed2a280debad989d2e1e66743ca75ba9192547445861c9edb0058291b8bda2
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f793cd3a0cae114a29c3c
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead644890fab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
104.18.38.157200 OK 10 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 104.18.38.157:0
File type ISO Media, AVIF Image\012- data
Hash 28ccbd410f5b5e0e33516f7e71bcc0a7
0c6d269f173969c51a90daf5b3fc6eca0ed4c708
419bd04af07cecfa20d4290e95e7a9f13a1d75f28b9adc9da8b2e10d183812f6
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1598111
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12739-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead642c470afa-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/menu.svg
172.67.22.147200 OK 96 kB URL HTTP/2 www.megarush.com/img/icons/menu.svg
IP 172.67.22.147:0
Hash a39b761158137e86d73160e27c09fcc1
0ab0b6c2eb48f59a63572a8b47594fa091511b64
0fa4606d9f3f00a8786788cfb7b50bd79c5129b59fc5aeebd05d5616bd678ab4
GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16273196
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd4b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 112 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ada688893d3bb826641c5154ba87fffe
8b542749a632699ac961fc00c90cff721aba538f
638316d72cf3bb9e9e5b22da2e2da0c1c30b2f7ad8b438e717cf3a454add38a1
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Sat, 24 Sep 2022 21:40:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
graphql.datocms.com/
104.22.3.238200 OK 132 kB IP 104.22.3.238:0
Size 132 kB (131473 bytes)
Hash 0a0beb358f4f21ca23131a5f791a0258
52daa6d54687b82532427438e4bce02fb66eddbd
8f8b8b6395dc6232b333ae0dab15bb8a4bb90932f9600649e4257b1c5c8fb006
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: application/json; charset=utf-8
cf-ray: 74fead6b7e2db512-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1618823
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 42
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1665-BMA
x-timer: S1664055615.325872,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
13.224.132.9200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP 13.224.132.9:0
Hash 34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 24 Sep 2022 21:18:40 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: gTwsoummSn56QTsYMWiShlaeNyP_cwesUfGzUFMJh_r3KfWPpWnPCg==
age: 2283
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
Hash fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 21:40:15 GMT
Age: 1133636
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 10
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
pxl.qccerttest.com/pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl=
143.204.55.21200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl=
IP 143.204.55.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
date: Sat, 24 Sep 2022 01:48:50 GMT
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t3ibIPqKo3VSm4BijmmsOzdrnb6gT7h7FLWjAiumDCSWnlBeoAj63g==
age: 71486
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632f793f-97f8e-3c405-500af; expires=Wed, 25-Oct-2023 21:40:15 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/video/header-video-720p.webm
172.64.149.99206 Partial Content 1.3 MB URL HTTP/2 megalotto-static.gigmagic.io/video/header-video-720p.webm
IP 172.64.149.99:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.3 MB (1336865 bytes)
Hash 63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 01:40:15 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74fead6cddfdfab8-OSL
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-clock-badge-new.svg
172.67.22.147200 OK 682 B URL HTTP/2 www.megarush.com/img/icons/mega-clock-badge-new.svg
IP 172.67.22.147:0
Hash e4c2a3b2c799425fb8ae2d0ec5e8dd87
cbf8b5a116a2f8c922b6b6ff68360b9ddc57558d
d016dc0c6f58ad89ed68dbc39b8ee6660179091ef84e0c722406c64f6c1434e3
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9491323
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80db524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 110 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fcd8b40e3de241f9627240d4bab6f694
9a3d777f60a870d7f92f30188b27e340d913a56a
2a037aeb75ef4e1f8a382e67e76c6f9538bb688e3adc0cad8515bc564eefbcf1
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Sat, 24 Sep 2022 21:40:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.2.234302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.2.234:0
GET /Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Oct-2022 21:40:13 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/js/index.94a008e8.js
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/js/index.94a008e8.js
IP 172.67.22.147:0
GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6471
server: cloudflare
cf-ray: 74fead5dbdb9b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 172.67.22.147:0
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503588
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efc9b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/flag-nb-no.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/flag-nb-no.svg
IP 172.67.22.147:0
GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80eb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/begambleaware.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/begambleaware.svg
IP 172.67.22.147:0
GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead663868b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/chunk-vendors.76e8e4d0.css
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 172.67.22.147:0
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6527
server: cloudflare
cf-ray: 74fead5dbdb4b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/scripts/b_megarush.js
172.67.129.58200 OK 0 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 172.67.129.58:0
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: f9c9d366-8f2c-4016-878d-b0cb22896146
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004911
expires: 2022-08-25 21:40:13 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ3DnCc7Um2ZKhW1%2Bpl2J9WWrWbjVYvjaO8Dt7vn2VKwnEaChB89%2F6XVGuMOKVl6P7QiYbw1VZnc%2Fd0xEiW7YUbbeLa9MrMuKg211pGvC7mRaAKIeDNpr9zcOmdZQjFjR%2B1wFrbOG9ca99C4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fead5fab30b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.megarush.com/img/icons/visa--white.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/visa--white.svg
IP 172.67.22.147:0
GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd5b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP 172.67.22.147:0
GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2765314
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f808b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f793cd3a0cae114a29c3c
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead63c829fab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/astropaycard--white.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/astropaycard--white.svg
IP 172.67.22.147:0
GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098811
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f800b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-phone-badge-new.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-phone-badge-new.svg
IP 172.67.22.147:0
GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29503856
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80ab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/service-worker.js
IP 172.67.22.147:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Sat, 24 Sep 2022 21:40:45 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead6ee99db524-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 172.67.22.147:0
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9334633
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645da7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/help-round.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/help-round.svg
IP 172.67.22.147:0
GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcdb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-checked-badge-new.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-checked-badge-new.svg
IP 172.67.22.147:0
GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29503856
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80bb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--flat.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/promotions--flat.svg
IP 172.67.22.147:0
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17991309
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd0b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mastercard--white.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mastercard--white.svg
IP 172.67.22.147:0
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2