Report - safe-guard.site/mx/env/totalplay/

Report Overview

Submitted URL
safe-guard.site/mx/env/totalplay/
IP
212.237.233.86
ASN
#212531 UAB Interneto vizija
Submitted
2022-09-24 21:40:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
whampamp.com	30947	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	9.8 kB	139.45.197.236
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.4 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	22 kB	142.250.74.174
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	133 kB	104.22.3.238
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	678 B	139.45.195.8
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	417 B	35.186.194.58
safe-guard.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	235 B	212.237.233.86
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.77.32
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	90 kB	151.101.86.248
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	972 B	459 B	91.228.74.244
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.203.49
megalotto-img.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	11 kB	104.18.38.157
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	832 B	34.98.74.57
megalotto-api.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	4.7 kB	104.18.38.157
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	730 B	143.204.55.21
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.3 kB	35.186.224.17
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	840 B	172.67.129.58
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.132.44
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.7 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	51 kB	142.250.74.72
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	108.156.13.178
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
datatechone.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	462 B	139.45.195.253
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	38 kB	1.3 MB	172.67.22.147
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 MB	172.64.149.99
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	541 B	721 B	37.157.2.234
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	381 B	157.90.33.78
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.9
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	937 B	13.224.132.9

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	safe-guard.site/mx/env/totalplay/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	whampamp.com	Sinkholed
2022-09-24	medium	datatechone.com	Sinkholed
2022-09-24	medium	whampamp.com	Sinkholed
2022-09-24	medium	whampamp.com	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:40:26 Last Seen2023-03-08 00:40:26 Times Seen1 Hash f79cdf033448ae9ca6f32a36930c70db 74ffd1a00727e6c62dffe8fb478e98f62dece8a6 dd2631935b0e680101bfb58e202c858785fd6d6a4213e062ebc7c1322df6ace1 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 172.67.129.58 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	secure.quantserve.com/quant.js	27 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49:11 Last Seen2023-03-17 12:55:49 Times Seen1 Hash 78ddecc5281a6afd31e701cbc4607581 91f15c2f3080ddccb4aaddcbaceeb6cfc462771b 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745 Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 13.224.132.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 108.156.13.178 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 06:46:57 Times Seen36953628 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	edge.fullstory.com/s/fs.js	253 kB	2023-03-07	2023-03-08
Pretty URL edge.fullstory.com/s/fs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:45:05 Last Seen2023-03-08 03:47:02 Times Seen1 Hash 6d6bcf2eb2acba7e9998402d9fc176f5 2eaa929b1b6318b7b3108d59c1497dd6b571ec43 25811fecdea7f61529eac181b06f990d1d6e73eeb61215c00df164621b729282 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js	632 kB	2023-03-08	2023-03-08
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:06 Last Seen2023-03-08 01:20:08 Times Seen1 Hash 8edf12d4fb0a44acff1dda9d72e9e819 1e303895b9410c56746de79f0446dd749e9e2827 5753c86501b25557a2ded9d0d299ef35bf16c9e2433e65e15c088b089fb12bbc Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1204285308&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_98555C0CA24A4B51AF4968E905C1F87C	729 B	2023-03-08	2023-03-08
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1204285308&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_98555C0CA24A4B51AF4968E905C1F87C IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:40:26 Last Seen2023-03-08 00:40:26 Times Seen1 Hash dc93d7baea8092e7354a2d350d6df5e7 cbfc502d58140718277019d0ae64a2017cdb96c5 7b006f6de2745b59a3d731b8f7183958b5d420e317f67f16cbf50ca6d5d635c1 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1204285308&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_98555C0CA24A4B51AF4968E905C1F87C	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1204285308&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_98555C0CA24A4B51AF4968E905C1F87C IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js	742 kB	2023-03-07	2023-03-08
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:53 Last Seen2023-03-08 03:11:50 Times Seen1 Hash 0afe273148d4728a9f38436db36c8431 b264b83d6d750ccddb4603db4b2ac7bc3752ac31 b566eb9e18f40e97326ff40241ad4db171b8183e57058abdb9fcb4f1f0b3bbe0 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24	385 B	2023-03-08	2023-03-08
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.2.234 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:40:26 Last Seen2023-03-08 00:40:26 Times Seen1 Hash 79026cc3d25c8e9d65999630dc057671 c547a9fd1303ea5eee51485bccfa729eb653b54d 7743e2eed676b05c16ba8b0dcac27fb1b665d64e4669c1cab4bb84bdedf8018d Loading...

	whampamp.com/4/5087048?var=ag2	8.9 kB	2023-03-07	2023-03-10
Pretty URL whampamp.com/4/5087048?var=ag2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:47:57 Last Seen2023-03-10 11:11:14 Times Seen1 Hash 18f6d61af48cf7aabd486dcfff42a496 63295685ac129d84bbfa71be5f4c9d888f9f04f6 d4f50d1f12704c18a6d8ab9b53de21ca333c852d8f7c1dce304a1f10989cbe37 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	80 kB	2023-03-07	2023-03-08
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:03 Last Seen2023-03-08 05:30:10 Times Seen1 Hash 64271612f9771203ff18d1de033d1b31 a36154bbc0392453b207291b5580323c739799b1 faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	whampamp.com/4/5087048?var=ag2	5.4 kB	2023-03-08	2023-03-08
Pretty URL whampamp.com/4/5087048?var=ag2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:40:26 Last Seen2023-03-08 00:40:26 Times Seen1 Hash 3c7ffb5854f690f7e64921aa4581e65f fb5ec9dc23decd0a5e985825b0030606271a16f3 716efa29b27a218c3d493ad5295eef171ec0195ae40cfcabd416bf3ab6b40703 Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

HTTP Transactions (119)

URL IP Response Size

safe-guard.site/mx/env/totalplay/

212.237.233.86

302 Found

0 B

URL HTTP/1.1
safe-guard.site/mx/env/totalplay/
IP
212.237.233.86:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mx/env/totalplay/ HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 24 Sep 2022 21:40:11 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sat, 24 Sep 2022 21:40:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C_m75ai0FgS2j14vVn6_mWpejeUyyKCvnZ-VeIB0521yuYMs3ZVfQg==
age: 61497
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

13.224.132.44

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.132.44:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 21:05:47 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcd40a2316c5562d7412ab736bca3a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: KZRrq-e8BBdqJA9Q61SFDwiDIKHIj1ATxLryFz_SpME-YkKHALkXOg==
Age: 2064

whampamp.com/4/5087048?var=ag2

139.45.197.236

200 OK

7.1 kB

URL HTTP/1.1
whampamp.com/4/5087048?var=ag2
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Size
7.1 kB (7140 bytes)
Hash
109afc458a3f2441d4e5381819876882
b75fbd219e668b833baee8788538a53c4abe389f
c7d1313b749a1f5e1a593fc0c87fde25af2fb21291325ba43d9bf67cdf248a14

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ag2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 21:40:11 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 123f3b36088a5bd9b381b881e02f4bc9
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:11 GMT; path=/
oaidts=1664055611; expires=Sun, 24 Sep 2023 21:40:11 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 21:40:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f29a678b472b135eeec39af31d5114dc
3081b9afbbad4b726fc48a7b78255ee1081b7135
0a1f4757bf58c7492ce995087886375fb50f0872e626b5bd5d8749cb13b5f95d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:52:35 GMT
Expires: Thu, 29 Sep 2022 16:52:34 GMT
Etag: "3081b9afbbad4b726fc48a7b78255ee1081b7135"
Cache-Control: max-age=414142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead56bc5cb521-OSL

datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314

139.45.195.253

200 OK

2 B

URL HTTP/1.1
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=419708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead56a936b52d-OSL

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=282e2a4887654424a1ec6b443d340827; oaidts=1664055611

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 24 Sep 2022 21:40:12 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

my.rtmark.net/img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=282e2a4887654424a1ec6b443d340827 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 21:40:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.132.44

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.132.44:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 21:20:46 GMT
Expires: Sat, 24 Sep 2022 21:55:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: IsUNOo0XOptXiqaqZYQD10E3iQBHAW5f0G0l34TxeY-gbUUmXz7r8Q==
Age: 1166

whampamp.com/?z=5087048&syncedCookie=true&rhd=false

139.45.197.236

302 Found

0 B

URL HTTP/1.1
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=282e2a4887654424a1ec6b443d340827; oaidts=1664055611
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 1a4883a3ab7c361c5c20eb77c9858abf
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=282e2a4887654424a1ec6b443d340827; expires=Sun, 24 Sep 2023 21:40:12 GMT; path=/
oaidts=1664055611; expires=Sun, 24 Sep 2023 21:40:12 GMT; path=/
syncedCookie=true; expires=Sat, 01 Oct 2022 21:40:12 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:12 GMT
Last-Modified: Sat, 24 Sep 2022 21:25:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb4c7699a20964e546d9587c832dea8a
6ae6ec864620166d3c71921ea03fe2dc2f713375
04d8d473fd14d64a80b1fadaa049f2f758cdc7a3db74d4f4892ade68a5b68f24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04D8D473FD14D64A80B1FADAA049F2F758CDC7A3DB74D4F4892ADE68A5B68F24"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16932
Expires: Sun, 25 Sep 2022 02:22:24 GMT
Date: Sat, 24 Sep 2022 21:40:12 GMT
Connection: keep-alive

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3

157.90.33.78

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3
IP
157.90.33.78:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597655156217360862&subid1=5087048&cost=0.001923&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 21:40:12 GMT
content-length: 0
x-trace: 166862826ffa096d484f12ebac7a4eb1
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=WLDw6wfrQV2hMme6Onmpfw; expires=Sun, 24 Sep 2023 21:40:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 24 Sep 2022 21:40:12 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

push.services.mozilla.com/

35.162.203.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.203.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RnSL8AAH25CrZUHKIXIgcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uAX/TRsVjB5GlUKd8CPGHkhMZfE=

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.9

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 24 Sep 2022 21:40:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 21:40:12 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664055612788)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229242140%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%225117917%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Mon, 24-Sep-3021 21:40:12 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=100
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3144f1238bfc47b688919ec2fb2f1d9a
06a32006bbb1e0f1c44bba6c86c01fe8b6c7e83e
d6010e4a702073c58b5db4014bef15694f2e550dcb261b6e7c508ec29bfbc388

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:12 GMT
Server: ECS (amb/6B9B)
Content-Length: 280

www.megarush.com/fonts/Inter-Regular.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdb0b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

172.67.22.147

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3793
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdb1b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-ExtraBold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdaeb524-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3913
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead5dbdafb524-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23513)
Size
51 kB (50664 bytes)
Hash
49b2c023ca480e3e741b261fe661817f
bbf1636c7e2ddd24e0f0098187ac66906eb4cbe5
2ec5efea39f79acad275d2a1c351dd9126d62b526a7962696bb50b25d4dd593c

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:13 GMT
expires: Sat, 24 Sep 2022 21:40:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
7742a05d973f02cf3432d34b2a3a5624
ecb79d116cb857b82c184e8444d7e046ee47029b
d88363206be929a01659c67bc1f86913b9b14039ae509fa14545263d6d2b50c1

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D88363206BE929A01659C67BC1F86913B9B14039AE509FA14545263D6D2B50C1"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sat, 24 Sep 2022 22:23:02 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
7742a05d973f02cf3432d34b2a3a5624
ecb79d116cb857b82c184e8444d7e046ee47029b
d88363206be929a01659c67bc1f86913b9b14039ae509fa14545263d6d2b50c1

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D88363206BE929A01659C67BC1F86913B9B14039AE509FA14545263D6D2B50C1"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sat, 24 Sep 2022 22:23:02 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive

www.megarush.com/js/chunk-vendors.25e1a372.js

172.67.22.147

200 OK

106 kB

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
106 kB (106019 bytes)
Hash
1664356370dc417876eaa3ccd2e0b948
63286c5d2002be68cefc19695c6fe571a1b738c4
bae847efae39616cf19c9eca913a511f019b4a102928628aed6c65ee4c12af36

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6527
server: cloudflare
cf-ray: 74fead5dbdb6b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/index.3e5fca25e481a764411c.css

172.67.22.147

200 OK

45 kB

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
45 kB (44900 bytes)
Hash
10a62f5837cacce52a81afc5bbbadbc1
2a39bcc43a2d23799fc979122423a9043f24ed9a
cd2a3e2a105a6e3501b16b4d69a79a042abdb79b82953ea8a44f81d2537f67eb

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6472
server: cloudflare
cf-ray: 74fead5dbdb5b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 20:41:09 GMT
expires: Sat, 24 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3544
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C

172.67.22.147

200 OK

3.2 kB

URL HTTP/2
www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.2 kB (3180 bytes)
Hash
0485a6d584d42e8b42370f876bd1a4c0
27e0e55c76be790cab7766576153382adfb2faf3
63f64a6b5971e0d51df0dffce85830a14ced91c015de575b1637a7c2e05265c3

HTTP Headers

GET /nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead5d3d13b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

108.156.13.178

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
108.156.13.178:0
ASN
#0

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 11:24:13 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 14b5d848e0a4cab1de054891ea1e787c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL51-P1
X-Amz-Cf-Id: 9xxc3DMAuZj0eAUQ0onjZiM_0qz8ZtefSZViofKV9PrNx7PAaLMrgA==
Age: 36961

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a857ec357c4926f2ff239f9a31bb9bb
a5a58af0cbec26484ecc20b0a77abfd9793afa23
286f60e4d1f4321e2541bc84299afd02a2729bd3f97c7af719dd1c7fc2e9b773

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Last-Modified: Sat, 24 Sep 2022 20:29:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.megarush.com/base.css

172.67.22.147

200 OK

65 kB

URL HTTP/2
www.megarush.com/base.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
65 kB (64560 bytes)
Hash
18996a1a3024dd09903d85c22a5cd46e
ce06f244696433f43ef34303058e6c9dbe5d494e
c3098b418fb4b9f7389c4f22ccec8906ed6997401d899c1b61398980853df7a6

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6263
server: cloudflare
cf-ray: 74fead5dbdb2b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.google-analytics.com/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&gtm=2wg9l0K4GPX49&z=2006441161

142.250.74.174

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&gtm=2wg9l0K4GPX49&z=2006441161
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&gtm=2wg9l0K4GPX49&z=2006441161 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sat, 24 Sep 2022 12:50:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 31789
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1&gtm=2wg9l0K4GPX49&z=1767156809

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1&gtm=2wg9l0K4GPX49&z=1767156809
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j97&a=453464873&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=214743944&gjid=356499025&cid=1149379812.1664055612&tid=UA-143790984-2&_gid=969443498.1664055612&_r=1&gtm=2wg9l0K4GPX49&z=1767156809 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.megarush.com
date: Sat, 24 Sep 2022 21:40:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c

104.18.38.157

101 Switching Protocols

0 B

URL HTTP/1.1
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f793cd3a0cae114a29c3c HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GHrHB7xUt9I7lCvbJpbsmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: GU2o4why2ySQPwjyKSMdbX68ROQ=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fead613f06b518-OSL

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82db53eefc48dfca8cb998427a0bcc8e
7174a3d479ad51c7a0acac5a804cadbd1b0c16d8
b7f270699334895cd526e18412d366dcb647492e03cef6f1f3f76b41e0841bca

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megalotto-static.gigmagic.io/translations/no.json

172.64.149.99

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75076 bytes)
Hash
c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead620ef6fab8-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6929
Expires: Sat, 24 Sep 2022 23:35:42 GMT
Date: Sat, 24 Sep 2022 21:40:13 GMT
Connection: keep-alive

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=e8751e5421811b1fce445d4dd9bfadea; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead637ff2fab8-OSL
X-Firefox-Spdy: h2

rs.fullstory.com/rec/page

35.186.194.58

202 Accepted

76 B

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
76 B (76 bytes)
Hash
483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 377
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 21:40:13 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15690
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 85945
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

172.67.22.147

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d78b524-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=ec165fe678b48342d2debd4134e1852b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead63f84efab8-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 85398
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-2.png

172.67.22.147

200 OK

2.2 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2192 bytes)
Hash
c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca

HTTP Headers

GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d7cb524-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 85658
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-3.png

172.67.22.147

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-3.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1807 bytes)
Hash
fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680

HTTP Headers

GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9501999
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead642d7eb524-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 85266
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6928
Expires: Sat, 24 Sep 2022 23:35:42 GMT
Date: Sat, 24 Sep 2022 21:40:14 GMT
Connection: keep-alive

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 62856
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/mega-jackpots.png

172.67.22.147

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/home-page/mega-jackpots.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size
64 kB (63747 bytes)
Hash
b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d

HTTP Headers

GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9495540
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645da8b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-1.png

172.67.22.147

200 OK

3.5 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3452 bytes)
Hash
09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376

HTTP Headers

GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645daeb524-OSL
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/games/no_NO.json

172.64.149.99

200 OK

714 kB

URL HTTP/2
megalotto-static.gigmagic.io/games/no_NO.json
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
714 kB (714008 bytes)
Hash
2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9

HTTP Headers

GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead637feefab8-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9935 bytes)
Hash
55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 85584
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-1-1.png

172.67.22.147

200 OK

4.3 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-1-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4257 bytes)
Hash
214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0

HTTP Headers

GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645dadb524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-2.png

172.67.22.147

200 OK

2.6 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Size
2.6 kB (2616 bytes)
Hash
bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7

HTTP Headers

GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645db0b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-1.png

172.67.22.147

200 OK

4.4 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4434 bytes)
Hash
3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6

HTTP Headers

GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead646db6b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/promotions.png

172.67.22.147

200 OK

21 kB

URL HTTP/2
www.megarush.com/img/benefits/promotions.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21005 bytes)
Hash
0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911

HTTP Headers

GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2617297
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64adefb524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/loyalty.png

172.67.22.147

200 OK

9.7 kB

URL HTTP/2
www.megarush.com/img/benefits/loyalty.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9659 bytes)
Hash
df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8

HTTP Headers

GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64adfdb524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/megaclub.png

172.67.22.147

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/benefits/megaclub.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10578 bytes)
Hash
6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66

HTTP Headers

GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2722820
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64ae07b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/feel-the-rush.png

172.67.22.147

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/home-page/feel-the-rush.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48691 bytes)
Hash
141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2

HTTP Headers

GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31041010
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead64ae0db524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

172.67.22.147

200 OK

21 kB

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
21 kB (20845 bytes)
Hash
7fe331ae716b8d350d03bd6dbc5b034b
f85525d62222dbd204319fbfc9dcdd94f2e66deb
910426337e4e5157f1802c2041ee67231cc9c4f26c45b4aac4ac3214e8a85201

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503280
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d9bb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/online-gamblers.png

172.67.22.147

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/affiliates/online-gamblers.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14178 bytes)
Hash
9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c

HTTP Headers

GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266438
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead659f34b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/norges-casino.png

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/affiliates/norges-casino.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12111 bytes)
Hash
453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e

HTTP Headers

GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266438
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65af5cb524-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5c642fd2431f428b56a0b4dc797518e1
9642d1602fa7f92b341d90fe2279e03ba7010993
3317c90690b614384073a3552a5b7a0b8378943e54c910539a01c1b42d9dfe8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 21:40:14 GMT
Last-Modified: Sat, 24 Sep 2022 21:08:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.megarush.com/img/icons/promotions--updated.svg

172.67.22.147

200 OK

1.2 kB

URL HTTP/2
www.megarush.com/img/icons/promotions--updated.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1180 bytes)
Hash
5f928553fd7d8fc9e03feb8f2c8aafcb
3f6eb219746f65b9dc14e9701e6366e818664e10
69102dadc45f6bf32576c9b2942152bde602bf63c89b36de8274597dc75f1674

HTTP Headers

GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9497842
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcbb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

172.67.22.147

200 OK

7.4 kB

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
7.4 kB (7410 bytes)
Hash
f46a365cf1504bb02ad978368cf9487d
5cb9fbec22a0c09eef3a3dfe5256c5564da65262
a3d4d6a3d2f8dd9a791bc2176e1ee48cb35c2385f149041348319ebb1c5ee56b

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098236
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d93b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gambleaware18.svg

172.67.22.147

200 OK

36 kB

URL HTTP/2
www.megarush.com/img/icons/gambleaware18.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35997 bytes)
Hash
7e4b5fe48b2cafe829299e87d33e81a7
d81e65b0f15278b8c4c3208b903c06cd8f5055d9
f5db1a9a7ad6a69677db033e307bb77818692449f6d0050cbac648184c830f07

HTTP Headers

GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9495699
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead663870b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--flat.svg

172.67.22.147

200 OK

77 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
77 kB (76583 bytes)
Hash
7be0bf9c1e2b835f789abc610a853a53
f05a0c05d3a2a48aff0363b1324ded9253816c76
3b1f29db7a31dc759d5c36eb1aff374325c0f29bbe5741db59419fd9bfc9731a

HTTP Headers

GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcfb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/question-mark-1.d872b1da.png

172.67.22.147

200 OK

54 kB

URL HTTP/2
www.megarush.com/img/question-mark-1.d872b1da.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Size
54 kB (53566 bytes)
Hash
d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96

HTTP Headers

GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/png
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8633951
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead66d933b524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

172.67.22.147

200 OK

84 kB

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
84 kB (84489 bytes)
Hash
cae16df593c0cf932a6ee609c1a5209c
1665d7926975b32ab032222889c23091c7c86007
a233b9b204f493a30cacb69329a8b2b501ba569485d9285d88a861b3401ec8a8

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18014035
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65bf5eb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

172.67.22.147

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
64 kB (64495 bytes)
Hash
5ec1558b231784a44451ad3503781be8
d423f92c9af4f9e6e8b472ba5f88617f6dc2fe64
3e8569e062ca18c64f78aa9f7285cc5cdbc5acb16b1cc36e10077713597af587

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17991309
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efc7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/payments.svg

172.67.22.147

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/icons/payments.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (13268), with CRLF, LF line terminators
Size
11 kB (10677 bytes)
Hash
034f34b43ce2424bd9c0ee32df2082a9
e0a7f481de97e4a68fcecfc0f5262b5c3bd703b7
6c33602c2140dde4938d23891faa68d15e7ce040798af0ece671718ae10c7c61

HTTP Headers

GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9501999
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efccb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/half-blue.svg

172.67.22.147

200 OK

3.9 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/half-blue.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Size
3.9 kB (3938 bytes)
Hash
156bc80e585b13d85f7aad8605a04c60
b4e92c4adf151fdb8505896f282fbbc0ae73a00d
86da854b7bc94a58c4ff23e74f08da51cf0ad56afc1b0eb3b84e3766fe4569e0

HTTP Headers

GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30020044
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead66c927b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/playAndGo.svg

172.67.22.147

200 OK

131 kB

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (59601)
Size
131 kB (131146 bytes)
Hash
0649eb26d67fe3e1cc9186f6d87b12a3
b639925c31f4cb8c7e4be05681abe961d9b75be2
a339d1525588c4009be7e20d83c46e31b20de855aa2b63c78e355b90e1358ba6

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31040841
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead644d91b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/search.svg

172.67.22.147

200 OK

217 kB

URL HTTP/2
www.megarush.com/img/icons/search.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (64409)
Size
217 kB (217083 bytes)
Hash
9126e58a3fbcb4b4b6509e188e1353cc
1b4a07e08b027ae39b6a0d72ca76da43b403f398
55f37949660ac1898fbb4fd917a7f2b815b5c3dd69f361e58e59ae90338afc7d

HTTP Headers

GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd3b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

172.67.22.147

200 OK

1.2 kB

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1249 bytes)
Hash
84f88308ae10fb8a353d188607dda56e
ab7a8af71d1a256e6306a7b9bfeedfb24d5eaf0c
a935c84d3b457b348921d99c300e1ab952883799bcc94b6389e6b39924de6caa

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503280
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f803b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

172.67.22.147

200 OK

6.2 kB

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.2 kB (6217 bytes)
Hash
ee13cf7b4fcfa8cc6f861adc060c6ba3
f8c870c9ef74ef5cb106858ba16892f2c74c3909
60d5302ea8c5c4c3dbb95a555199239ea77787fb673b91eac0be974ada7dd412

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efceb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

172.64.149.99

200 OK

2.3 kB

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.3 kB (2310 bytes)
Hash
0d1bb65918f27e42716e8e42899b358b
bb4aa211c084894d9d3566bb587476e367047b51
75ed2a280debad989d2e1e66743ca75ba9192547445861c9edb0058291b8bda2

HTTP Headers

POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f793cd3a0cae114a29c3c
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead644890fab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png

104.18.38.157

200 OK

10 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
10 kB (10434 bytes)
Hash
28ccbd410f5b5e0e33516f7e71bcc0a7
0c6d269f173969c51a90daf5b3fc6eca0ed4c708
419bd04af07cecfa20d4290e95e7a9f13a1d75f28b9adc9da8b2e10d183812f6

HTTP Headers

GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1598111
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12739-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead642c470afa-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/menu.svg

172.67.22.147

200 OK

96 kB

URL HTTP/2
www.megarush.com/img/icons/menu.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
96 kB (95983 bytes)
Hash
a39b761158137e86d73160e27c09fcc1
0ab0b6c2eb48f59a63572a8b47594fa091511b64
0fa4606d9f3f00a8786788cfb7b50bd79c5129b59fc5aeebd05d5616bd678ab4

HTTP Headers

GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16273196
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd4b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

112 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
ada688893d3bb826641c5154ba87fffe
8b542749a632699ac961fc00c90cff721aba538f
638316d72cf3bb9e9e5b22da2e2da0c1c30b2f7ad8b438e717cf3a454add38a1

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Sat, 24 Sep 2022 21:40:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

graphql.datocms.com/

104.22.3.238

200 OK

132 kB

URL HTTP/2
graphql.datocms.com/
IP
104.22.3.238:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
132 kB (131473 bytes)
Hash
0a0beb358f4f21ca23131a5f791a0258
52daa6d54687b82532427438e4bce02fb66eddbd
8f8b8b6395dc6232b333ae0dab15bb8a4bb90932f9600649e4257b1c5c8fb006

HTTP Headers

POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: application/json; charset=utf-8
cf-ray: 74fead6b7e2db512-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1618823
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 42
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1665-BMA
x-timer: S1664055615.325872,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

13.224.132.9

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
13.224.132.9:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 24 Sep 2022 21:18:40 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: gTwsoummSn56QTsYMWiShlaeNyP_cwesUfGzUFMJh_r3KfWPpWnPCg==
age: 2283
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (89536 bytes)
Hash
fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 21:40:15 GMT
Age: 1133636
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 10
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

pxl.qccerttest.com/pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl=

143.204.55.21

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl=
IP
143.204.55.21:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=965339072;fpan=1;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614357;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
date: Sat, 24 Sep 2022 01:48:50 GMT
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t3ibIPqKo3VSm4BijmmsOzdrnb6gT7h7FLWjAiumDCSWnlBeoAj63g==
age: 71486
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac

91.228.74.244

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac
IP
91.228.74.244:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1201983825;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1204285308%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_98555C0CA24A4B51AF4968E905C1F87C;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-536090479-1664055614357;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664055614359;tzo=0;ogl=;ses=ca5aa42c-c95b-4973-bc1e-fced8cc656ac HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632f793f-97f8e-3c405-500af; expires=Wed, 25-Oct-2023 21:40:15 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/video/header-video-720p.webm

172.64.149.99

206 Partial Content

1.3 MB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.3 MB (1336865 bytes)
Hash
63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Sun, 25 Sep 2022 01:40:15 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74fead6cddfdfab8-OSL
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

172.67.22.147

200 OK

682 B

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
682 B (682 bytes)
Hash
e4c2a3b2c799425fb8ae2d0ec5e8dd87
cbf8b5a116a2f8c922b6b6ff68360b9ddc57558d
d016dc0c6f58ad89ed68dbc39b8ee6660179091ef84e0c722406c64f6c1434e3

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9491323
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80db524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 21:40:15 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

110 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
fcd8b40e3de241f9627240d4bab6f694
9a3d777f60a870d7f92f30188b27e340d913a56a
2a037aeb75ef4e1f8a382e67e76c6f9538bb688e3adc0cad8515bc564eefbcf1

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Sat, 24 Sep 2022 21:40:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.2.234

302 Found

0 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.2.234:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=237188630032&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_98555C0CA24A4B51AF4968E905C1F87C&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Oct-2022 21:40:13 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6471
server: cloudflare
cf-ray: 74fead5dbdb9b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9503588
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efc9b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/flag-nb-no.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/flag-nb-no.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80eb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/begambleaware.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/begambleaware.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead663868b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6527
server: cloudflare
cf-ray: 74fead5dbdb4b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/scripts/b_megarush.js

172.67.129.58

200 OK

0 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
172.67.129.58:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:13 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: f9c9d366-8f2c-4016-878d-b0cb22896146
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004911
expires: 2022-08-25 21:40:13 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ3DnCc7Um2ZKhW1%2Bpl2J9WWrWbjVYvjaO8Dt7vn2VKwnEaChB89%2F6XVGuMOKVl6P7QiYbw1VZnc%2Fd0xEiW7YUbbeLa9MrMuKg211pGvC7mRaAKIeDNpr9zcOmdZQjFjR%2B1wFrbOG9ca99C4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fead5fab30b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/img/icons/visa--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/visa--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd5b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-bolt-badge-new.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2765314
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f808b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

172.64.149.99

200 OK

0 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f793cd3a0cae114a29c3c
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead63c829fab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/astropaycard--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/astropaycard--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098811
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f800b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-phone-badge-new.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-phone-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29503856
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80ab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/service-worker.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:15 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Sat, 24 Sep 2022 21:40:45 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fead6ee99db524-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9334633
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead645da7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/help-round.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/help-round.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efcdb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-checked-badge-new.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-checked-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29503856
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65f80bb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17991309
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd0b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mastercard--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mastercard--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.1149379812.1664055612; _gid=GA1.2.969443498.1664055612; _gat_UA-143790984-2=1; btag=656126_98555C0CA24A4B51AF4968E905C1F87C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 21:40:14 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34266437
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fead65efd7b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations