Overview

URL safe-guard.site/pt/env/vodafone
IP212.237.233.86
ASNUAB Interneto vizija
Location Lithuania
Report completed2022-09-28 19:54:56 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 safe-guard.site/pt/env/vodafone Phishing
2022-09-28 2 safe-guard.site/pt/env/vodafone/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-28 2 whampamp.com Sinkholed
2022-09-28 2 whampamp.com Sinkholed
2022-09-28 2 datatechone.com Sinkholed
2022-09-28 2 whampamp.com Sinkholed


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS open.spotify.com (2) 3062 2012-06-04 12:41:14 UTC 2022-09-28 11:41:03 UTC 35.186.224.25
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-28 14:54:21 UTC 142.250.74.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-09-28 05:22:53 UTC 23.36.77.32
mnemonic passive DNS scripts.mediamathrdrt.com (2) 273493 2021-06-01 09:41:40 UTC 2022-09-28 15:16:53 UTC 172.64.138.19
mnemonic passive DNS apresolve.spotify.com (2) 753 2013-09-30 17:51:11 UTC 2022-09-28 11:41:04 UTC 34.98.74.57
mnemonic passive DNS gew4-spclient.spotify.com (4) 0 2022-03-28 13:26:27 UTC 2022-09-28 11:41:05 UTC 35.186.224.17 Domain (spotify.com) ranked at: 187
mnemonic passive DNS sentry.io (1) 2743 2016-08-31 05:38:44 UTC 2022-09-28 04:42:35 UTC 35.188.42.15
mnemonic passive DNS 35.227.234.222 (1) 0 2019-02-15 12:35:24 UTC 2022-06-15 16:40:06 UTC 35.227.234.222 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS megalotto-static.gigmagic.io (2) 0 2020-11-23 07:59:35 UTC 2022-09-28 10:37:45 UTC 172.64.149.99 Unknown ranking
mnemonic passive DNS i.scdn.co (1) 1162 2017-01-30 05:00:06 UTC 2022-09-28 14:32:49 UTC 151.101.86.248
mnemonic passive DNS graphql.datocms.com (2) 163121 2018-06-26 13:09:32 UTC 2022-09-28 14:53:45 UTC 104.22.2.238
mnemonic passive DNS pxl.qccerttest.com (1) 0 2022-07-13 18:30:05 UTC 2022-09-28 17:16:31 UTC 143.204.55.35 Unknown ranking
mnemonic passive DNS whampamp.com (3) 30947 2022-03-12 13:52:24 UTC 2022-09-28 08:05:33 UTC 139.45.197.236
mnemonic passive DNS media.megarushaffiliates.com (1) 0 2020-12-30 14:36:06 UTC 2022-09-28 18:00:40 UTC 23.36.79.18 Unknown ranking
mnemonic passive DNS open.spotifycdn.com (1) 0 2022-06-13 14:04:22 UTC 2022-09-28 11:41:04 UTC 151.101.86.249 Domain (spotifycdn.com) ranked at: 1791
mnemonic passive DNS pixel.quantserve.com (1) 417 2018-04-06 01:24:19 UTC 2022-09-28 15:12:56 UTC 91.228.74.159
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.110
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-28 12:03:19 UTC 139.45.195.8
mnemonic passive DNS eu.can-get-so.me (1) 0 2022-05-24 05:08:11 UTC 2022-09-28 07:57:42 UTC 157.90.33.78 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 54.187.160.31
mnemonic passive DNS edge.fullstory.com (1) 2769 2019-10-31 13:31:26 UTC 2022-09-28 13:15:05 UTC 35.201.112.186
mnemonic passive DNS safe-guard.site (2) 0 2022-04-26 13:58:50 UTC 2022-09-28 11:58:55 UTC 212.237.233.86 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS track.adform.net (2) 3564 2012-05-21 07:01:21 UTC 2022-09-28 04:36:29 UTC 37.157.4.25
mnemonic passive DNS encore.scdn.co (2) 25928 2020-07-15 14:12:23 UTC 2022-09-28 18:00:42 UTC 151.101.86.248
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-28 13:14:04 UTC 104.18.32.68
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-28 16:15:39 UTC 93.184.220.29
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS megalotto-api.gigmagic.io (2) 0 2020-09-09 18:17:35 UTC 2022-09-28 15:16:53 UTC 104.18.38.157 Unknown ranking
mnemonic passive DNS s2.adform.net (1) 4693 2013-04-18 11:49:52 UTC 2022-09-28 12:42:35 UTC 37.157.2.247
mnemonic passive DNS megalotto-api.gigmagic.io (2) 0 2020-09-09 18:17:35 UTC 2022-09-28 15:16:53 UTC 172.64.149.99 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 12:06:36 UTC 143.204.55.27
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS secure.quantserve.com (1) 973 2018-05-21 20:36:17 UTC 2022-09-28 04:53:11 UTC 91.228.74.159
mnemonic passive DNS datatechone.com (1) 0 2015-06-17 13:52:19 UTC 2022-09-28 14:54:39 UTC 139.45.195.253 Unknown ranking
mnemonic passive DNS www.megarush.com (51) 0 2020-11-23 07:59:35 UTC 2022-09-28 10:37:45 UTC 104.22.31.168 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 212.237.233.86

Date UQ / IDS / BL URL IP
2022-12-06 06:30:31 +0000
0 - 0 - 2 telenet.website/m/br/13/ 212.237.233.86
2022-12-05 14:03:22 +0000
0 - 0 - 2 telenet.website/m/br/s4/ 212.237.233.86
2022-12-05 06:18:43 +0000
0 - 0 - 2 telenet.website/m/ec/ppt1/ 212.237.233.86
2022-12-05 05:32:41 +0000
0 - 0 - 2 telenet.website/m/br/13/ 212.237.233.86
2022-12-05 05:32:21 +0000
0 - 0 - 2 telenet.website/m/br/13/?key=eyJ0aW1lc3RhbXAi (...) 212.237.233.86

Last 5 reports on ASN: UAB Interneto vizija

Date UQ / IDS / BL URL IP
2022-12-07 16:14:14 +0000
0 - 0 - 1 media2.site/bg/env/maxipaxi/?key=eyJ0aW1lc3Rh (...) 194.135.87.146
2022-12-07 16:05:51 +0000
0 - 0 - 2 televida.site/m/sa/mwh/ 79.98.29.8
2022-12-07 14:08:16 +0000
0 - 0 - 2 mobile1.fun/uz/env/uzmobile 79.98.29.29
2022-12-07 14:08:15 +0000
0 - 0 - 2 mobile1.fun/uz/env/uzmobile/ 79.98.29.29
2022-12-07 10:39:13 +0000
0 - 0 - 0 elemisskincare.pl/ 94.176.237.164

Last 5 reports on domain: safe-guard.site

Date UQ / IDS / BL URL IP
2022-11-09 06:50:14 +0000
0 - 0 - 4 safe-guard.site/mz/env/movitel/ 212.237.233.86
2022-11-09 03:05:32 +0000
0 - 0 - 4 safe-guard.site/cl/500/env/wom 212.237.233.86
2022-11-09 02:59:17 +0000
0 - 0 - 1 safe-guard.site/mx/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 212.237.233.86
2022-11-08 07:14:08 +0000
0 - 0 - 4 safe-guard.site/iq/env/asiacell 212.237.233.86
2022-11-08 06:59:11 +0000
0 - 0 - 4 safe-guard.site/my/fortune/maxis/ 212.237.233.86

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-28 18:00:50 +0000
0 - 0 - 4 telemobile.site/ph/short/globe/ 194.135.87.27
2022-09-28 02:54:31 +0000
0 - 0 - 4 telemobile.site/br/lot2/nl/7/ 194.135.87.27
2022-09-26 23:57:11 +0000
0 - 0 - 5 safe-guard.site/eg/env/telecom 212.237.233.86
2022-09-24 17:02:29 +0000
0 - 0 - 5 safe-guard.site/cl/500/env/nl 212.237.233.86
2022-09-23 07:03:30 +0000
0 - 0 - 5 safe-guard.site/cl/500/bx/nl/ 212.237.233.86


JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (123)


Request Response
                                        
                                            GET /pt/env/vodafone HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         212.237.233.86
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 28 Sep 2022 19:54:44 GMT
Server: Apache
Location: http://safe-guard.site/pt/env/vodafone/
Content-Length: 247
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   247
Md5:    36f6ca6399fd873ab41e9d2bc60d201c
Sha1:   d8d040b1b275e1a1dbe091c0f479cc1bf78d84ec
Sha256: 9c78e10eb09d7b3562c6f6de8e3845349b1fe2e7a84ec862bbe6102528833f71

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:54:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TqFoG7XhgeY_M4sfdNC24SjmsoHIskJyK51fOaqONPSAKmjZvDEoxQ==
Age: 3593


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Wed, 28 Sep 2022 20:54:50 GMT
Date: Wed, 28 Sep 2022 19:54:44 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xyXIPE4k6CQQnG6s4higqa0ETWTDoVmGIiugGc80-HdMLptMdz6N4A==
age: 51978
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /pt/env/vodafone/ HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         212.237.233.86
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Wed, 28 Sep 2022 19:54:44 GMT
Server: Apache
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:44 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /4/5087048?var=ag2 HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 19:54:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f6ea2ba4d24403c5d9b9ed0056013d7f
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=f865c60f50cf4077bc543047282cabc0; expires=Thu, 28 Sep 2023 19:54:44 GMT; path=/ oaidts=1664394884; expires=Thu, 28 Sep 2023 19:54:44 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Size:   7140
Md5:    74c1e6348b54647a06018f9674b3f077
Sha1:   27ef89b94824136f43249e82e99d81f3aaa193bb
Sha256: 9b1b85763623c022184f46e2f98425296256f796b5560388ae675d1cb731d9a8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wGoM9qt-yj52xFp7RQ2GGKO5N1YX70qk_DgPpQHmTP-EuHdev8KLYA==
Age: 1512


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 19:54:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=382832,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f08608d94b500-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 19:54:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 04:52:37 GMT
Expires: Mon, 03 Oct 2022 04:52:36 GMT
Etag: "e1e5e031bc34cc40fb8712697a6f6c6fe73ad62f"
Cache-Control: max-age=377270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f08609aa60b45-OSL

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=f865c60f50cf4077bc543047282cabc0; oaidts=1664394884

                                         
                                         139.45.197.236
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Wed, 28 Sep 2022 19:54:45 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1 
Host: datatechone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.253
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Wed, 28 Sep 2022 19:54:45 GMT
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img.gif?f=merge&userId=f865c60f50cf4077bc543047282cabc0 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:45 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f865c60f50cf4077bc543047282cabc0; expires=Thu, 28 Sep 2023 19:54:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5966
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 19:54:45 GMT
Last-Modified: Wed, 28 Sep 2022 18:15:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=f865c60f50cf4077bc543047282cabc0; oaidts=1664394884
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Wed, 28 Sep 2022 19:54:45 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 62e5a03879d03a69ddd5b682ca34ae4c
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=599078172004458765&subid1=5087048&cost=0.001172&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=f865c60f50cf4077bc543047282cabc0; expires=Thu, 28 Sep 2023 19:54:45 GMT; path=/ oaidts=1664394884; expires=Thu, 28 Sep 2023 19:54:45 GMT; path=/ syncedCookie=true; expires=Wed, 05 Oct 2022 19:54:45 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E28AB4F2968DE579E5BBF28127CDD9C20A6DF4A057B577DAEBC499711FFDB581"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2927
Expires: Wed, 28 Sep 2022 20:43:32 GMT
Date: Wed, 28 Sep 2022 19:54:45 GMT
Connection: keep-alive

                                        
                                            GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=599078172004458765&subid1=5087048&cost=0.001172&rdk=rk3 HTTP/1.1 
Host: eu.can-get-so.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         157.90.33.78
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:45 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=IYn0QbpmQl2gq8CUQisRNA; expires=Thu, 28 Sep 2023 19:54:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1 
Host: 35.227.234.222
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.227.234.222
HTTP/1.1 302 Found
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Sep 2022 19:54:45 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Al/kt70SIm6qNCfS/M+bVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.160.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OQbAFDUgNqS3TaLxRkpwXTEI4Tc=

                                        
                                            GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1 
Host: media.megarushaffiliates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.18
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 28 Sep 2022 19:54:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 28 Sep 2022 19:54:45 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664394885881)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229281954%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%225322534%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Fri, 28-Sep-3021 19:54:45 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=45
X-Firefox-Spdy: h2

                                        
                                            GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 2860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f0865b97eb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size:   10484
Md5:    d23da8f3e4e37a17c1d3ed7a1a11d429
Sha1:   9dda69da77b703d438db74468375685f6983625d
Sha256: a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
                                        
                                            GET /fonts/Inter-Bold.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1779
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f0865b97fb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size:   10508
Md5:    a2517956b299e0c02bfc2a92eb05f623
Sha1:   ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
Sha256: 412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
                                        
                                            GET /fonts/Inter-Regular.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 2860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f0865b984b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size:   10108
Md5:    5ec57a5a91c67095e4a7e91ac375ffb1
Sha1:   23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
Sha256: 9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
                                        
                                            GET /fonts/DS-Digital.woff2 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 2638
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f0865b985b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size:   776
Md5:    789f060683abdb5574a93bf59c7dd2e2
Sha1:   17b677d648dfdc9e290a25e8c137ebb0448c069b
Sha256: 375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
                                        
                                            GET /chunk-vendors.76e8e4d0.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4988
server: cloudflare
cf-ray: 751f0865b988b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1042
Md5:    65ec6de2c0b581f4d7dc5c3c4d8903f9
Sha1:   5cdf76685d99bb0e0f1692203f745ad19d759382
Sha256: 7bcc59fb00fa3dafa4caa337f908332dc4f50bdac048237b517f715d3f543397
                                        
                                            GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:54:46 GMT
expires: Wed, 28 Sep 2022 19:54:46 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23513)
Size:   50738
Md5:    94d8bd47b677938bac2875828e713129
Sha1:   7ee6839b5c07b3b00355d38c26a08caebd05b6f7
Sha256: 98dd109efef342b2ddca28eefd0586bdf583c989405195495955896113bb3f03
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 19:54:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicons/favicon-194x194.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605029
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f0868bd8fb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size:   11668
Md5:    3bc9ecb2b8d9e78d83d49da52c0292fc
Sha1:   b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
Sha256: 9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
                                        
                                            GET /base.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3549
server: cloudflare
cf-ray: 751f0865b987b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1794
Md5:    4c1acc9cf9b5a55e113a033df95eabee
Sha1:   666671fd203e2b6cfb2f7c8dbd7d7bb4481301f3
Sha256: 39df773bc3f8c6ebbf1880531ea707aff1966faec7d4153e4939a5a9fb79e938
                                        
                                            GET /js/chunk-vendors.25e1a372.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6831
server: cloudflare
cf-ray: 751f0865c992b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   122219
Md5:    5c084be45c6e86e8098d40181e6ff6a7
Sha1:   aa43899549d6e209744c237da79845ba52740363
Sha256: 18cc3df9c352f4201d3b438b62716a3963969ad8f3fc6138b3540a196a20c915
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "617293EB5BA875D7BBA5875775B8F36791A84AD3ACDF0D88FCB370A044BD33E6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5302
Expires: Wed, 28 Sep 2022 21:23:08 GMT
Date: Wed, 28 Sep 2022 19:54:46 GMT
Connection: keep-alive

                                        
                                            GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6334a683a6bdece3777c7fef HTTP/1.1 
Host: megalotto-api.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mCbaFIaa0jCVCRBvA1TU1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         104.18.38.157
HTTP/1.1 101 Switching Protocols
                                        
Date: Wed, 28 Sep 2022 19:54:46 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: BdvBj8ds50Hh+PZJDhGR4eyGZGQ=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=0cedd9831f185d4467a29376e3a98c9d; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f08690ec7b4ff-OSL

                                        
                                            GET /translations/no.json HTTP/1.1 
Host: megalotto-static.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.149.99
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
content-length: 75074
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 28 Sep 2022 12:09:53 GMT
etag: "2d69de376ff11223f8f0bd1f956ab7c1"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f0869ba2cb509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size:   75074
Md5:    2d69de376ff11223f8f0bd1f956ab7c1
Sha1:   7dceb2a94ced1cacda185266fbd803f6ec6e4ee9
Sha256: ae46b86e84e012ae8f281aa68f750684d9c92ba9734ffe771745cf83ce74718e
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "617293EB5BA875D7BBA5875775B8F36791A84AD3ACDF0D88FCB370A044BD33E6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5302
Expires: Wed, 28 Sep 2022 21:23:08 GMT
Date: Wed, 28 Sep 2022 19:54:46 GMT
Connection: keep-alive

                                        
                                            POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 19:54:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 18:41:09 GMT
expires: Wed, 28 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 4417
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6075
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 19:54:46 GMT
Last-Modified: Wed, 28 Sep 2022 18:13:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/fs.js HTTP/1.1 
Host: edge.fullstory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.201.112.186
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdtkfX5TxPr_SWVmOfY3dhmZfJJoTPjwuPvUGAPj0_hXe1MBR7MQxmQWlwA1GAgSvDxMnAJ9RDuVQPhH0eeVN8q5zLZ9xkrL
x-goog-generation: 1663785557634490
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 63203
content-encoding: br
x-goog-hash: crc32c=S3DyuA==, md5=7a3bB8Gsae6s4GGDcXSBIQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 63203
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 19:11:40 GMT
expires: Wed, 28 Sep 2022 20:11:40 GMT
cache-control: public, max-age=3600,no-transform
age: 2586
last-modified: Wed, 21 Sep 2022 18:39:17 GMT
etag: "edaddb07c1ac69eeace0618371748121"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65410)
Size:   63203
Md5:    edaddb07c1ac69eeace0618371748121
Sha1:   d6a2dd58b9b4d56425a1391e0ce2354b85d27b13
Sha256: 2853842ec4546df8fa58052aa6715ea4b8321bbbaea78b32d1682a93b009b44b
                                        
                                            POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 19:54:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripts/b_megarush.js HTTP/1.1 
Host: scripts.mediamathrdrt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.138.19
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 32203303-5b77-4f54-a49b-12f76593ddba
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004207
expires: 2022-08-29 19:54:46 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN8G8ySFvjeNdbadx84OHaqD%2BppVmyGo90Bsfwp472gpSGkeAfiTjW4PzhOtGcLj6HaiKki9OwfxLmZDffLHNhvO7unsu0aH4k7AhZZHGxXIsg97mSpJ8u69oLq45zBGLhKedW099lhet2RA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751f0869aa927759-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   723
Md5:    c2b3606b5f7d79c18b45cf0109b99c9f
Sha1:   883256a09c8c05563fb8b9d411f050547ab3d88b
Sha256: 5a4c82a1d18dac0478d3b4cd7e7eccf6acc49c42a40872649f73ac730aa3ac2b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9616
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9616
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9616
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9616
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9616
Expires: Wed, 28 Sep 2022 22:35:03 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 79920
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 79664
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 44588
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    ea3890e460356d6ecc3ba4e405ac2e9e
Sha1:   b383135e2ebc23fe80eb0d594b198cb8c89327a5
Sha256: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 80034
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14464
Md5:    aa5cad224dbddd71881bd07255beb4da
Sha1:   bc214d60be395d4cf753216ff8f9691c33d25e75
Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 79824
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13299
Md5:    ad84ed0c5b2090df7996007514cf1984
Sha1:   651600f2ef18cecc2e38370069bbb5e1d86f68e0
Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
                                        
                                            GET /service-worker.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Wed, 28 Sep 2022 19:55:16 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f08691dfcb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20354
Md5:    1ea8410328bc973cf1982a2dcdda02ed
Sha1:   63b2ec36cffb89d16c6d21b91e617e858259f256
Sha256: 4663febdf338247eaa2c194abf8bfbb9faa9ab67f40eeb7b5cfcd1ecf0a8172c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3804
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 19:54:47 GMT
Last-Modified: Wed, 28 Sep 2022 18:51:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1 
Host: open.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=e8673b169a2d4892dd6264f1ad1b95b3; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3De8673b169a2d4892dd6264f1ad1b95b3%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.186.224.25
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=e8673b169a2d4892dd6264f1ad1b95b3; path=/; expires=Thu, 28 Sep 2023 19:54:47 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: 20fbaaae62a29114
x-envoy-upstream-service-time: 12
server: envoy
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25532
Md5:    69bfc1154c6db3333da7a251bc4a9999
Sha1:   28ad5a5cdc7b97bd91b42b333e32d68e9cf43530
Sha256: 708c12cd9a49938f5ebb955d0f8a8e85ba12655b14e087791aaab3923283b69a
                                        
                                            GET /img/icons/live-casino--yellow.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18330582
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7d12b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5443
Md5:    dbfd183af63c98d119186c08bdb25f77
Sha1:   9ef98246f31d524df05ea6e76e6576c2fa6c4a40
Sha256: 0c264705827904f3953d183e088710bccde12d1490383dd0c1b44e55f5542e2b
                                        
                                            GET /img/icons/casino--side-nav.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18353308
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7d11b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3847
Md5:    47515933b945d39915bd031d56e50ecc
Sha1:   7ca64fb2abf840518dbb4f1080f1447767869a01
Sha256: ec5c0c358b3590a7f7bd144f6c44f59197a7c74f6655bb011501ba094fa796a2
                                        
                                            GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 
Host: s2.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.157.2.247
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:46 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
x-rgw-object-type: Normal
etag: W/"64271612f9771203ff18d1de033d1b31"
x-amz-request-id: tx00000c54f4ae59c4271b7-0063348b79-3292f941-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31359
Md5:    596b8d8884a57701fbc6d416f9c265c5
Sha1:   33038b7f91b1493e32117552aadf48132d4f9472
Sha256: dd8272cc7ac45e0e430d464bd719978f1b0d18d3f00b8b682c8d2d8e6fe470d8
                                        
                                            GET /img/home-page/mega-jackpots.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9834813
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086f8e6ab4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size:   63747
Md5:    b4342b052aabdba3960a5b2b5c7e519a
Sha1:   aebc2a2c7be9d8d2895694af3fde7674affef4c2
Sha256: d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
                                        
                                            GET /img/icons/menu.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16612469
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d44b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3684
Md5:    40a050892db89d53f88420b87edad4bc
Sha1:   7a675b65d787ab70907b48b4389cd4221927da23
Sha256: 841ab79abdc8ee22b37c3df24d1aba9298b12a3edece126f9fc5b47f3046ee1a
                                        
                                            GET /img/icons/live-casino--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d3db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1760
Md5:    fb87ad06f4487d95064ca4fbdd840f3f
Sha1:   e58182ed929fba23d981281ebafc81ef629ff595
Sha256: c9fc79bda5c1ff89442ab1b04541dbf4ac024572edc9282f664a6da25bd685f6
                                        
                                            GET /img/icons/pragmaticPlay.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9673906
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7d06b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5716
Md5:    b8f8080810e1d0697f9b82efa369d32e
Sha1:   c1f537342f1ad5c1290c9f67f9b2d16f29dea6a6
Sha256: a6595853343f922a63deaff71d746faacd4f8a6c94d7b3e1c34c974ca9f23b5f
                                        
                                            GET /img/home-page/coin-1-1.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31380283
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086f8e6db4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size:   4257
Md5:    214e2f889379dcba70bace5878068150
Sha1:   d6873dae324b9fd44a70e73f20dc9eb81253a7ae
Sha256: bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
                                        
                                            GET /safeframe HTTP/1.1 
Host: scripts.mediamathrdrt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.138.19
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 378ba99b-21db-48a6-aed2-6923c899ddcd
x-download-options: noopen
x-runtime: 0.002025
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eitIDN1h%2F%2BF%2BbYg5pIUliqJO3oUXhErYdT5EeyGv3LIZj9ZkjE7Uk%2F5jlpRtVdsOWUvKeT8J4pHV8BYZvI5m9vE%2FO1FivFRG3ffYQpi74dN01fRPH1w40C%2Fi505BsM8IAK%2B35W5i8izyz6P3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751f086a9d3c7759-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   22195
Md5:    3cabd61c42c777bff173b234da38ba23
Sha1:   be224ddfdc46a3dd4bcaf1f5505ef01a3226044f
Sha256: f360d6d491e8834a4f6c97b0ac1b085e1123cd49a3e99de8c46f095fff93e85a
                                        
                                            GET /img/home-page/coin-3-1.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31380283
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086f8e79b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size:   4434
Md5:    3da73129d9d4dd65c43060dacf06f3df
Sha1:   9abf4ea9710ba53af92778718c245ddf64c42a5f
Sha256: 6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
                                        
                                            GET /img/icons/search.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d43b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10872
Md5:    6e0939d99395038911628e4428efd45a
Sha1:   b06d982d2eb3e0aaa15f5e9202c2c0c7f8e1e8c1
Sha256: b2c1b14a35dceb44676d5ca99774074611604adbffd2d3a91983470e22137a80
                                        
                                            GET /img/icons/promotions--updated.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9837115
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e8d2cb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10112
Md5:    a992977986ae80a5c4ccd4d790876497
Sha1:   5548fe32f38267a57b57ac6c31892173fe3260e9
Sha256: 66db4bea58a33b6860df55864dcb5cf40a16d34fb9cd0e844ef13a8bfa773d64
                                        
                                            GET /img/icons/promotions--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18330582
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d3fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   48974
Md5:    b5645fe9f9d98255f48be03c3f22d385
Sha1:   27609a33fca7e1425792000978ba185fd0af3904
Sha256: 40683a7dbdb35ddc57ac26030007da1f29ba6090fe1a7dad23feab4e1eef81ea
                                        
                                            GET /img/icons/mastercard--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d4ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15137
Md5:    6045e768c7d8c4f8f583b086a2f57f9a
Sha1:   a5baa9b46fc0ff80ee4918e4b5fbbab1851dfbee
Sha256: 65b2e7326536948482ba50ed5dad5688807ddcbc4313b5a01fcb69046d9b9618
                                        
                                            GET /img/icons/astropaycard--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7438084
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ead4eb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13810
Md5:    384fd8491d7e61ba97e14db7728f57d2
Sha1:   306744900e47217c4d82055ab1713a0146dcb615
Sha256: c81fcdcbf87f51686337ac10ce3a7267b26f4b8bf5955bdfc06a76ba27f8ec6e
                                        
                                            GET /img/icons/visa--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d49b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4621
Md5:    b284b8e515cd561509fe9deee15ed0ca
Sha1:   d65297f6c95ee69263773528884c13e7a9ced5d4
Sha256: 624ccf67915a0abef9bc987dbb739efd8228ac42c91d152ed76270a4b5094247
                                        
                                            GET /img/home-page/smoke-1-medium.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 35333
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: "61656602-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30359290
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fced6b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Size:   35333
Md5:    109f267221e2cee94514a7efaebd29a9
Sha1:   a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
Sha256: 72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801
                                        
                                            GET /img/home-page/smoke-2.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9841272
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fef13b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size:   74825
Md5:    b52d54230805a82ccdbc1484c6bde4aa
Sha1:   73fcb683ec6b5598a0b89138843c479d5f479fe0
Sha256: 97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade
                                        
                                            GET /img/question-mark-1.d872b1da.png HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8973224
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fff21b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Size:   53566
Md5:    d872b1daeb19c1afe87b87c10de4343d
Sha1:   40c2dbf4eea216df495b10b6c039356432b41c4f
Sha256: 56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96
                                        
                                            GET /img/icons/trustly--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9842553
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ead50b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31422
Md5:    05f1ceb737619164221925413222bed7
Sha1:   57073bf4d10685ad72f97ba93dcb5a664e384738
Sha256: 1429512b731b64505bb350a483ac19383aa5376bacf2496a632ee2f23ba8bb3f
                                        
                                            GET /img/icons/payments.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9841272
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e8d2db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64471)
Size:   714490
Md5:    4098d66614e5d9764ea4ff159b49274a
Sha1:   d6b3fa61790d5f3e7f82afc38277b23ccd698edf
Sha256: 1b894d5c7ec50c07c8dc2ea1fbf6218f5f216ec406211c9bfe9a0ed51baaa999
                                        
                                            GET /img/icons/ibas.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ebd6db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   85449
Md5:    d9de312d7f182cc270a95f7e0461a15e
Sha1:   efde116100f216169641e5096489ee61f070a47b
Sha256: 83ae2b9096113e404a99a1565657464c17dcfb451ebcc7ab01e01f92de909632
                                        
                                            GET /img/icons/games--flat.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e9d34b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   63380
Md5:    8c4113ab34861b8f9f0857eb1a7636d5
Sha1:   3050dbe0cf4e043ea1e44c9dcd1dafaf2aae9b8c
Sha256: 9b03730930e86efe6a0929e42f9a57c96332392b089f6488ef853464008a3644
                                        
                                            GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3104587
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ead57b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1170
Md5:    31c6bc0d1c5564c8b35e9192d65000da
Sha1:   ac0c551718568bda202b83e4952ab21a309dc6a8
Sha256: 71fdd874f0f3d7971164add2e73ff612f8cd4216be2e341ae89e4f16baca6987
                                        
                                            GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9814410
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fff19b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /img/icons/netent.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9842553
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7cfeb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Size:   4854
Md5:    554394f43f6e8edb0ae1e0e52abaf103
Sha1:   978fb552c736f17993d6b12422430c4a1fdcdf4b
Sha256: 3c9620eb9e582fa484bcedef39219c77cce61bf2c30e3ac2319062388cb7379a
                                        
                                            GET /cdn/build/embed-legacy/embed-legacy.8584be2a.js HTTP/1.1 
Host: open.spotifycdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 128572
Last-Modified: Wed, 28 Sep 2022 18:53:22 GMT
ETag: "5cbf8aa83601af9472605a04a5fbe148"
x-goog-generation: 1664391202332617
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 128572
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 19:54:47 GMT
Age: 3441
X-Served-By: cache-chi-klot8100154-CHI, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 193
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   128572
Md5:    5cbf8aa83601af9472605a04a5fbe148
Sha1:   62b37f7fd30cfacdbc3d1fff87d6c89605adcba2
Sha256: 7a70c4b4e1584b3cde25573917c0303ded87f4431ebbe7b594044f1a0b8cef63
                                        
                                            GET /img/home-page/grid-new-1.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9841272
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fef0fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (52805)
Size:   221557
Md5:    d0488ad402b08b820efa4a16ea44ce7c
Sha1:   9f38b01a933b57a525492e283dbbaf037d3551bc
Sha256: 4cd73f4fb65f8f8c31080c70f9862653b27ef174e13fa889aa81b1c67da9fe09
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F7D736150F5B679E263F4FB17E384924235B5D6975F7CB0248723C98985385F"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20630
Expires: Thu, 29 Sep 2022 01:38:37 GMT
Date: Wed, 28 Sep 2022 19:54:47 GMT
Connection: keep-alive

                                        
                                            GET /img/icons/jeton--white.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9841272
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ead53b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2776
Md5:    1a2e310b8d0c8021bab10d0e2c34be96
Sha1:   6e3d77b688b32ba68543d4e4aab26ed197c183c6
Sha256: 145f0eca2eb80eb9db2d8abac281cdcf7b156468aaacf1c0f1a178c70256d5ad
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F7D736150F5B679E263F4FB17E384924235B5D6975F7CB0248723C98985385F"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20629
Expires: Thu, 29 Sep 2022 01:38:37 GMT
Date: Wed, 28 Sep 2022 19:54:48 GMT
Connection: keep-alive

                                        
                                            GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=834941127117&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_7F5DDAC8583645A6A3ABEED342A60A19&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         37.157.4.25
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:48 GMT
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   389
Md5:    e25d2d22a3f4d1ef4dc0f06a4793855d
Sha1:   76f343efd7919fb79ef455f657bf6e803a02f190
Sha256: 45a58c71c183691bb1557d12ad1c0c82f1d0a495d06cc3a23d61aa984c2e6c3a
                                        
                                            GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1 
Host: encore.scdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.248
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 19:54:48 GMT
Age: 761659
X-Served-By: cache-chi-klot8100099-CHI, cache-bma1654-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 28
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  data
Size:   84088
Md5:    4eaffdf96f4c6f984686e93d5d9cb325
Sha1:   8c576f620ae00a66282d8eb10dc2eb580888aaf1
Sha256: 9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
                                        
                                            GET /?type=dealer&type=spclient HTTP/1.1 
Host: apresolve.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         34.98.74.57
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Wed, 28 Sep 2022 19:54:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   109
Md5:    4866049703dfcda251bdee5d9cf8e192
Sha1:   ee1f20de91879f21dbaee0412cb410a41a487f33
Sha256: 91b13f5ddaf90d016651ff661f9a325cf7922da7326d5e630f359a4e0e65d03a
                                        
                                            GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1 
Host: encore.scdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.248
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 19:54:48 GMT
Age: 1472908
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1654-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 12
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000


--- Additional Info ---
Magic:  data
Size:   89536
Md5:    fe1cfc14b7498b187c78fa72fb72d148
Sha1:   6bec8ce832951162e0ebc4b257e3ee850fe7aade
Sha256: 039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F46B9AABA2591C897B967CF8DC3B904F22C3C4ADB13E35EBB45D47C9077EEFFB"
Last-Modified: Mon, 26 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3923
Expires: Wed, 28 Sep 2022 21:00:11 GMT
Date: Wed, 28 Sep 2022 19:54:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F46B9AABA2591C897B967CF8DC3B904F22C3C4ADB13E35EBB45D47C9077EEFFB"
Last-Modified: Mon, 26 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3923
Expires: Wed, 28 Sep 2022 21:00:11 GMT
Date: Wed, 28 Sep 2022 19:54:48 GMT
Connection: keep-alive

                                        
                                            GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1 
Host: i.scdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.248
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 19:54:48 GMT
Age: 728805
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100027-CHI, cache-bma1683-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 75, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size:   130780
Md5:    ccb11204819dd6617e4e1fba9eeb5a84
Sha1:   3f5233f01c8ce71ffddde8694d269ee834964b93
Sha256: f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111
                                        
                                            OPTIONS / HTTP/1.1 
Host: graphql.datocms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.2.238
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
                                        
date: Wed, 28 Sep 2022 19:54:48 GMT
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751f08763a4cb4f9-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1 
Host: gew4-spclient.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         35.186.224.17
HTTP/2 200 OK
                                        
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:54:48 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1 
Host: gew4-spclient.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         35.186.224.17
HTTP/2 200 OK
                                        
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:54:48 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3196
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 19:54:48 GMT
Last-Modified: Wed, 28 Sep 2022 19:01:32 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /quant.js HTTP/1.1 
Host: secure.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.228.74.159
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 19:54:48 GMT
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Wed, 05 Oct 2022 19:54:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10573
Md5:    f4e832b489bda0f084fea294af38969f
Sha1:   5ff51bb074fc29ddd5a8ee7bdeda12640c13d95d
Sha256: 75601b4c336b7b57e2df412730e491d95f21bf3a4556f1c976af4e9f41891917
                                        
                                            POST /gabo-receiver-service/public/v3/events HTTP/1.1 
Host: gew4-spclient.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         35.186.224.17
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Wed, 28 Sep 2022 19:54:48 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   39
Md5:    f204785b49c504e43101096fd3a80e31
Sha1:   e92466090f918c8f9c11268c9d0027fe269a90b6
Sha256: 873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
                                        
                                            GET /pixel?r=159157768;fpan=1;fpa=P0-1780436323-1664394886227;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664394886227;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1646258974%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_7F5DDAC8583645A6A3ABEED342A60A19;ogl= HTTP/1.1 
Host: pxl.qccerttest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 02:01:57 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q2jH1pB6kRpbiwZm2w-8Fbv5gJww8VuCTO-3d5ZyrxuLUCLxgJG6kQ==
age: 64372
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    55d25e9dc950d5db4d53a3b195c046c6
Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981
Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
                                        
                                            GET /pixel;r=1953828411;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1646258974%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_7F5DDAC8583645A6A3ABEED342A60A19;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1780436323-1664394886227;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664394886230;tzo=0;ogl=;ses=b1a37f59-63ca-44de-83e3-b73dbf4dd54e HTTP/1.1 
Host: pixel.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         91.228.74.159
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 28 Sep 2022 19:54:48 GMT
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6334a688-cfa0a-62461-b4b4f; expires=Sun, 29-Oct-2023 19:54:48 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    55d25e9dc950d5db4d53a3b195c046c6
Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981
Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
                                        
                                            POST /gabo-receiver-service/public/v3/events HTTP/1.1 
Host: gew4-spclient.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         35.186.224.17
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Wed, 28 Sep 2022 19:54:48 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   39
Md5:    f204785b49c504e43101096fd3a80e31
Sha1:   e92466090f918c8f9c11268c9d0027fe269a90b6
Sha256: 873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
                                        
                                            POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1 
Host: sentry.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.188.42.15
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Wed, 28 Sep 2022 19:54:48 GMT
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /video/header-video-720p.webm HTTP/1.1 
Host: megalotto-static.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         172.64.149.99
HTTP/2 206 Partial Content
content-type: video/webm
                                        
date: Wed, 28 Sep 2022 19:54:48 GMT
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Wed, 28 Sep 2022 23:54:48 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 751f08762b14b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   1336865
Md5:    63177b286fe4cb8a5431377710ad3715
Sha1:   e762daea246c011e634a226f6062a9a27a344f80
Sha256: ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
                                        
                                            GET /?type=dealer&type=spclient HTTP/1.1 
Host: apresolve.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         34.98.74.57
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 113
date: Wed, 28 Sep 2022 19:54:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   113
Md5:    8177b209c1130c2cd91e81fc2c8e7f6e
Sha1:   462e71e317321d63d01adbac945ed2026864af08
Sha256: 1603f7622b2f58b0fdc6ada3f7de5f607577854a4e0fd10a80ca0d45eb2be9c9
                                        
                                            GET /img/home-page/glows/purple.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7437508
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fced2b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1646258974&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_7F5DDAC8583645A6A3ABEED342A60A19 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         37.157.4.25
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 19:54:48 GMT
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: graphql.datocms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         104.22.2.238
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:48 GMT
cf-ray: 751f08765a77b4f9-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1958096
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 44
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4333-DUB, cache-cph2320051-CPH
x-timer: S1664394889.715809,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/gamcare.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ebd74b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/gambleaware18.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9834972
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ecd88b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/playAndGo.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31380114
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7cefb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/relaxGaming.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7437509
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e7cfcb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/mega-checked-badge-new.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29843129
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ead5fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/begambleaware.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16022
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ebd70b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /index.3e5fca25e481a764411c.css HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6831
server: cloudflare
cf-ray: 751f0865b98bb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1 
Host: open.spotify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.186.224.25
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
vary: Accept-Encoding
set-cookie: sp_t=e8673b169a2d4892dd6264f1ad1b95b3; path=/; expires=Thu, 28 Sep 2023 19:54:47 GMT; domain=.spotify.com; samesite=none; secure sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3De8673b169a2d4892dd6264f1ad1b95b3%26device%3Ddesktop; path=/; expires=Thu, 29 Sep 2022 19:54:47 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: d09155ee61bab8f7
x-envoy-upstream-service-time: 6
server: envoy
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/home-page/grid-new-2.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29842219
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f08701f3fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/palms.1f322dbc.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7438083
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086fff28b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/gamblersanonymous.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7438084
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ebd75b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /igc/megalotto/promotions/filter HTTP/1.1 
Host: megalotto-api.gigmagic.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 47
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6334a683a6bdece3777c7fef
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

                                         
                                         172.64.149.99
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=0cedd9831f185d4467a29376e3a98c9d; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f086feb5eb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/index.94a008e8.js HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 19:54:46 GMT
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6831
server: cloudflare
cf-ray: 751f0865c995b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/help-round.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34605710
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086e8d30b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/askgamblers.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9837115
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ecd8bb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /img/icons/loader.svg HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; btag=656126_7F5DDAC8583645A6A3ABEED342A60A19; _ga=GA1.2.1634512154.1664394885; _gid=GA1.2.1005155385.1664394885; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 19:54:47 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16022
vary: Accept-Encoding
server: cloudflare
cf-ray: 751f086ecd8cb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nb-no?btag=656126_7F5DDAC8583645A6A3ABEED342A60A19 HTTP/1.1 
Host: www.megarush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.22.31.168
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 28 Sep 2022 19:54:45 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/; webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/; geoip_country=no; Domain=www.megarush.com; Path=/; LanguageCode=nb-no; Domain=www.megarush.com; Path=/; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f08652887b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---