Report - eu.fndlgifts.click/lt/i13s22/brand/skelbiult/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click

Report Overview

Submitted URL
eu.fndlgifts.click/lt/i13s22/brand/skelbiult/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click
IP
207.154.225.165
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-09-24 13:57:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	49 kB	34.120.237.76
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	938 B	54.192.137.18
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	690 B	1.4 kB	142.250.74.3
edge.fullstory.com	2769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	64 kB	35.201.112.186
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	681 B	139.45.195.8
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	51 kB	142.250.74.72
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	417 B	35.186.194.58
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	970 B	175 kB	151.101.86.248
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.245.56
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	338 B	157.90.33.73
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.5 kB	93.184.220.29
sentry.io	2743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	404 B	35.188.42.15
open.spotifycdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	350 kB	151.101.86.249
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	728 B	23.36.76.226
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	747 B	13.224.245.20
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.9
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.41.98.34
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	886 B	1.4 MB	104.18.38.157
track.adspwretf.click	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	911 B	1.2 kB	3.70.16.242
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	972 B	459 B	91.228.74.166
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	971 B	134 kB	104.22.2.238
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	34 kB	1.1 MB	172.67.22.147
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.3 kB	35.186.224.17
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	425 B	37.157.6.235
megalotto-img.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	31 kB	172.64.149.99
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	844 B	172.67.129.58
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.245.30
ungroudonchan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	1.6 kB	139.45.197.238
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	108.156.13.188
megalotto-api.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	4.9 kB	172.64.149.99
eu.fndlgifts.click	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	669 B	207.154.225.165
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	716 kB	37.157.5.142
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	826 B	34.98.74.57
open.spotify.com	3062	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	491 B	827 B	35.186.224.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	ungroudonchan.com	Sinkholed
2022-09-24	medium	ungroudonchan.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:10 Last Seen2023-03-08 00:33:15 Times Seen1 Hash 6143154bae686f188184a73e574f6afd 8f33f9e6b0340af9882b9e07e04803382784aa06 1fc7d9cff9799f90d47f17bd3fc51a07e8ff0e2d4c42c8756026c9d3c5863320 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24	385 B	2023-03-08	2023-03-08
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.5.142 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:10 Last Seen2023-03-08 00:28:10 Times Seen1 Hash 5623754506feeb7974edc4cdede68f0e c820cf07af8d781fddf2499d2c8a221c2405d265 10264c15bc79af9809fed73306a4dd5fd48165bf82605e8675a2bf07b3621228 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1002313751&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_48C5271B963F44EF9ECB3BE682F69039	729 B	2023-03-08	2023-03-08
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1002313751&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_48C5271B963F44EF9ECB3BE682F69039 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:10 Last Seen2023-03-08 00:28:10 Times Seen1 Hash f447345585c3d6dc8375f12e770ce569 b0ffdb5b76c6f91663ee807fcf43c271d1ca115b 9dbe1ee74ad138484d24c7d83f6da389416e7f118044846477f4412dbb000ba2 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js	742 kB	2023-03-07	2023-03-08
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js IP 151.101.86.249 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:53 Last Seen2023-03-08 03:11:50 Times Seen1 Hash 0afe273148d4728a9f38436db36c8431 b264b83d6d750ccddb4603db4b2ac7bc3752ac31 b566eb9e18f40e97326ff40241ad4db171b8183e57058abdb9fcb4f1f0b3bbe0 Loading...

	ungroudonchan.com/4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb	660 B	2023-03-08	2023-03-08
Pretty URL ungroudonchan.com/4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:10 Last Seen2023-03-08 00:28:10 Times Seen1 Hash be11e948d0f7ef9bccf6c6f465652cf6 1009eeac0973d555de77fa9d66b229dd505a63f7 a671dda446d109ed5cc0e041ac54f0eb31d9bb8e4642465328e363c7feee91a8 Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 54.192.137.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

	secure.quantserve.com/quant.js	27 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49:11 Last Seen2023-03-17 12:55:49 Times Seen1 Hash 78ddecc5281a6afd31e701cbc4607581 91f15c2f3080ddccb4aaddcbaceeb6cfc462771b 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	edge.fullstory.com/s/fs.js	253 kB	2023-03-07	2023-03-08
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:45:05 Last Seen2023-03-08 03:47:02 Times Seen1 Hash 6d6bcf2eb2acba7e9998402d9fc176f5 2eaa929b1b6318b7b3108d59c1497dd6b571ec43 25811fecdea7f61529eac181b06f990d1d6e73eeb61215c00df164621b729282 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 108.156.13.188 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	80 kB	2023-03-07	2023-03-08
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.6.235 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:03 Last Seen2023-03-08 05:30:10 Times Seen1 Hash 64271612f9771203ff18d1de033d1b31 a36154bbc0392453b207291b5580323c739799b1 faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1002313751&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_48C5271B963F44EF9ECB3BE682F69039	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1002313751&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_48C5271B963F44EF9ECB3BE682F69039 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 06:02:05 Times Seen37055923 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 172.67.129.58 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js	632 kB	2023-03-08	2023-03-08
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js IP 151.101.86.249 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:06 Last Seen2023-03-08 01:20:08 Times Seen1 Hash 8edf12d4fb0a44acff1dda9d72e9e819 1e303895b9410c56746de79f0446dd749e9e2827 5753c86501b25557a2ded9d0d299ef35bf16c9e2433e65e15c088b089fb12bbc Loading...

	www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 IP 172.67.22.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

HTTP Transactions (118)

URL IP Response Size

eu.fndlgifts.click/lt/i13s22/brand/skelbiult/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click

207.154.225.165

302 Found

0 B

URL HTTP/1.1
eu.fndlgifts.click/lt/i13s22/brand/skelbiult/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click
IP
207.154.225.165:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lt/i13s22/brand/skelbiult/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click HTTP/1.1
Host: eu.fndlgifts.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 13:57:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://track.adspwretf.click/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click

firefox.settings.services.mozilla.com/v1/

13.224.245.30

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.245.30:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 13:05:41 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ba3cc0531c92002d06a895bfb6e3f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: _yYAdHuyRUXGMH08-V25CVtcr6w9TWZf4FjX1aPmpqlI0Ea6gUMcxQ==
Age: 3097

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Sat, 24 Sep 2022 16:33:01 GMT
Date: Sat, 24 Sep 2022 13:57:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.245.56

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.245.56:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: m3IccceZjDAtorVTKmgweFsLbsKhdVOvi6Qpv66VMhwboqigocJq_w==
age: 35055
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da0b3103c457627997fd6d25e3253507
244ff79189fb8bbc893e4ec89d3eb3434c3c6bf3
6f06f40553151ec9860a4ad4c37e60ced266ce37195575f3fde09a474a28e002

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F06F40553151EC9860A4AD4C37E60CED266CE37195575F3FDE09A474A28E002"
Last-Modified: Fri, 23 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13930
Expires: Sat, 24 Sep 2022 17:49:28 GMT
Date: Sat, 24 Sep 2022 13:57:18 GMT
Connection: keep-alive

track.adspwretf.click/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click

3.70.16.242

302 Found

260 B

URL HTTP/2
track.adspwretf.click/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
260 B (260 bytes)
Hash
1faee0f17ad921e74bd23ea92ec09173
cb17e17b7d031c2b99d8a7c006e7d0ffdef85995
25dc6a884efb5cb45afa4350dc2b8189f66aea5ae8c63363441dba3496e2f344

HTTP Headers

GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=e1cdfdaa-de27-44ec-a9e3-54c7095003e1&osv=Windows%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjY0MDI3ODMyIiwiaGFzaCI6IjQxNzNkMTI2MDQ5NjdkOGJjNmE1MWE1ZWM1MzU1OGIwNjJiNDU0MGEifQ==&td=ss.redirectsstm.click&bemobdata=c=0d891d8e-fdb3-4c9e-b586-96f1f2a98bf3..l=e1cdfdaa-de27-44ec-a9e3-54c7095003e1..a=0..b=0..r=ss.redirectsstm.click HTTP/1.1
Host: track.adspwretf.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: openresty
date: Sat, 24 Sep 2022 13:57:18 GMT
content-type: text/html; charset=utf-8
content-length: 260
access-control-allow-origin: *
location: https://ungroudonchan.com/4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb
set-cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=track.adspwretf.click; Path=/; Expires=Sun, 25 Sep 2022 13:57:18 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:bcad9fbed5d562e339b2ddf45707a26c=0-0-10; Domain=track.adspwretf.click; Path=/; Expires=Sun, 25 Sep 2022 13:57:18 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=SQStAjm7QhvYjLR54PM9TE; Domain=track.adspwretf.click; Path=/; Expires=Sun, 25 Sep 2022 13:57:18 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 6.321ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:57:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2a5d1efd4cbedd22e8f682074dc0b163
9273e666bbefcb9971f65efeb9ad8bfb72ed9b94
dd28a4a39b4b51dbc0c9f64f960d7b619490e680a25046f7557477a1a87c2610

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD28A4A39B4B51DBC0C9F64F960D7B619490E680A25046F7557477A1A87C2610"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3399
Expires: Sat, 24 Sep 2022 14:53:57 GMT
Date: Sat, 24 Sep 2022 13:57:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bba085e67dc79a5d7fa489bedbc1d40
a8aff51eb65043726f883a3e5b99fed2ee6e881d
b47f8b1b624bcb0f8f4e0c826d43d75a6e5cf7394c78bb642fb91ec89208ccb2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B47F8B1B624BCB0F8F4E0C826D43D75A6E5CF7394C78BB642FB91EC89208CCB2"
Last-Modified: Sat, 24 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19079
Expires: Sat, 24 Sep 2022 19:15:18 GMT
Date: Sat, 24 Sep 2022 13:57:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.245.30

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.245.30:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 13:20:46 GMT
Expires: Sat, 24 Sep 2022 13:51:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c168f60079706d202ff05ad02be79d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: UpGzMbqZooBiZ1uYvoHdw-w7i34Upua5G6r8dW1T7r1wG20KiD0lAg==
Age: 2193

ungroudonchan.com/favicon.ico

139.45.197.238

204 No Content

0 B

URL HTTP/2
ungroudonchan.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=69e0c5b7f40b4263a451d0a61c5eabb7; oaidts=1664027838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 13:57:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597538667191603333&subid1=4598789&cost=0.000281&rdk=rk1

157.90.33.73

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597538667191603333&subid1=4598789&cost=0.000281&rdk=rk1
IP
157.90.33.73:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597538667191603333&subid1=4598789&cost=0.000281&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 13:57:19 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
set-cookie: rauid=h6uf9ynwTbuc2xBsFN5SQQ; expires=Sun, 24 Sep 2023 13:57:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 24 Sep 2022 13:57:19 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:57:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=447481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc074adb5d0b59-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:19 GMT
Last-Modified: Sat, 24 Sep 2022 12:58:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.9

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 24 Sep 2022 13:57:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 13:57:19 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664027839384)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229241357%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%225084427%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Mon, 24-Sep-3021 13:57:19 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=43
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=69e0c5b7f40b4263a451d0a61c5eabb7

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=69e0c5b7f40b4263a451d0a61c5eabb7
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=69e0c5b7f40b4263a451d0a61c5eabb7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=69e0c5b7f40b4263a451d0a61c5eabb7; expires=Sun, 24 Sep 2023 13:57:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3144f1238bfc47b688919ec2fb2f1d9a
06a32006bbb1e0f1c44bba6c86c01fe8b6c7e83e
d6010e4a702073c58b5db4014bef15694f2e550dcb261b6e7c508ec29bfbc388

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3708
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:19 GMT
Last-Modified: Sat, 24 Sep 2022 12:55:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

www.megarush.com/fonts/Inter-ExtraBold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5098
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074cf9e3b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5098
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074cf9e5b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

172.67.22.147

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4872
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074d09ecb511-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Regular.woff2

172.67.22.147

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074d09e9b511-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23513)
Size
51 kB (50636 bytes)
Hash
992a752a333e45b80b80623d81d39cdc
fcf3332eee49d915a21d8f6e5d09b9fd9790bcc6
0507c4756671fac87360f60326d681a7ee448a1a9a44235fbd12b62f76c0464b

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:57:19 GMT
expires: Sat, 24 Sep 2022 13:57:19 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.megarush.com/base.css

172.67.22.147

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/base.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.8 kB (1828 bytes)
Hash
522c6eda0c54f54a317f51e4818aca05
7254775da5315a5c69dbd870d8be5e4e3ec21db0
232745ac6ae47c9c1d49c7ca199a5ee05b71bbae3bd853e7f2fdacb211aaa5eb

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 96
server: cloudflare
cf-ray: 74fc074d09edb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.41.98.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.98.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qTj2oO5rBZA5mCppzSIOZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Yoo8uYTgoggbGa8mozn07Oiete4=

www.megarush.com/index.3e5fca25e481a764411c.css

172.67.22.147

200 OK

34 kB

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
34 kB (33577 bytes)
Hash
ad2c7b279c2e86447af42035b3f18fef
4c6f652ec35c5bbb305d390d7b4eabea9fcb6f51
875568fd661905ba7699f62b98fd40fa0cf16f11c73f7c3e791bde9118623526

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 308
server: cloudflare
cf-ray: 74fc074d09f4b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

172.67.22.147

200 OK

284 kB

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
284 kB (284020 bytes)
Hash
24c0a531f310f793ebf1ba5d187e382f
c196860ef8269e6b2d3382b2072ccb6374fbac03
82634896921d6cd9a0b5cb7ec136a7b01efc6e95e39493e00dec697984bbdca5

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 308
server: cloudflare
cf-ray: 74fc074d1a04b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/favicons/favicon-194x194.png

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34237982
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074fdcf2b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/favicons/favicon-16x16.png

172.67.22.147

200 OK

437 B

URL HTTP/2
www.megarush.com/favicons/favicon-16x16.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
437 B (437 bytes)
Hash
914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7071423
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc074fdcf3b511-OSL
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 12:41:09 GMT
expires: Sat, 24 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 4571
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82db53eefc48dfca8cb998427a0bcc8e
7174a3d479ad51c7a0acac5a804cadbd1b0c16d8
b7f270699334895cd526e18412d366dcb647492e03cef6f1f3f76b41e0841bca

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3434a19a96aa1878bf16f9d6a4778751
83d3faa48a298ad98616fadcc0840e27d6714acd
abd868eed9cbdd0978cb884df547dd64e7e18c186be6b1bfddc8100905468c6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:20 GMT
Last-Modified: Sat, 24 Sep 2022 13:08:06 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

108.156.13.188

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
108.156.13.188:0
ASN
#0

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 11:24:13 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 a64b49e5551565c12c7314b5e4419ba4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL51-P1
X-Amz-Cf-Id: 2LYhGtMZExbCWRlSyesMeuzxqT3_neEQ9y6C_IEdldeh8ftB2gzecA==
Age: 9188

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

63 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
63 kB (63203 bytes)
Hash
edaddb07c1ac69eeace0618371748121
d6a2dd58b9b4d56425a1391e0ce2354b85d27b13
2853842ec4546df8fa58052aa6715ea4b8321bbbaea78b32d1682a93b009b44b

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycds0BocG3zG_AfkFsJeewFTSSJPORtlda8_2aMT7XyrhDO_2IX1NOMuL0Ju253dzDnE2Lvzz7jTLcP68v1yQordOTg
x-goog-generation: 1663785557634490
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 63203
content-encoding: br
x-goog-hash: crc32c=S3DyuA==, md5=7a3bB8Gsae6s4GGDcXSBIQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 63203
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sat, 24 Sep 2022 13:53:54 GMT
expires: Sat, 24 Sep 2022 14:53:54 GMT
cache-control: public, max-age=3600,no-transform
age: 206
last-modified: Wed, 21 Sep 2022 18:39:17 GMT
etag: "edaddb07c1ac69eeace0618371748121"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j97&a=1531344283&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=1577727875&gjid=1351870088&cid=921293711.1664027839&tid=UA-143790984-2&_gid=2098096337.1664027839&_r=1&gtm=2wg9l0K4GPX49&z=1880007775

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1531344283&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=1577727875&gjid=1351870088&cid=921293711.1664027839&tid=UA-143790984-2&_gid=2098096337.1664027839&_r=1&gtm=2wg9l0K4GPX49&z=1880007775
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j97&a=1531344283&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&ul=en-us&de=UTF-8&dt=MegaRush&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&ec=undefined&ea=undefined&_u=YEBAAEABAAAAAC~&jid=1577727875&gjid=1351870088&cid=921293711.1664027839&tid=UA-143790984-2&_gid=2098096337.1664027839&_r=1&gtm=2wg9l0K4GPX49&z=1880007775 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.megarush.com
date: Sat, 24 Sep 2022 13:57:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82db53eefc48dfca8cb998427a0bcc8e
7174a3d479ad51c7a0acac5a804cadbd1b0c16d8
b7f270699334895cd526e18412d366dcb647492e03cef6f1f3f76b41e0841bca

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f0cbe06b03420a86dd374

172.64.149.99

101 Switching Protocols

0 B

URL HTTP/1.1
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f0cbe06b03420a86dd374
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632f0cbe06b03420a86dd374 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eKaB+5prB6IpmXf9ZLXvRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 24 Sep 2022 13:57:20 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: duC/08IgBGp2drdiMGKW2PZc930=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=ec165fe678b48342d2debd4134e1852b; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fc07500a54b4eb-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sat, 24 Sep 2022 15:31:18 GMT
Date: Sat, 24 Sep 2022 13:57:20 GMT
Connection: keep-alive

rs.fullstory.com/rec/page

35.186.194.58

202 Accepted

76 B

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
76 B (76 bytes)
Hash
483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 375
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 13:57:20 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d9eff21729a0c32955af875ed373b4b0
308b854f40b1f64aa2acfd290d19949530d44c34
46894d8a5b637e4f3bb5e22980e12cd28d07c484f89999ef99917f8371d0491c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46894D8A5B637E4F3BB5E22980E12CD28D07C484F89999EF99917F8371D0491C"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sat, 24 Sep 2022 15:31:18 GMT
Date: Sat, 24 Sep 2022 13:57:20 GMT
Connection: keep-alive

megalotto-static.gigmagic.io/translations/no.json

104.18.38.157

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75076 bytes)
Hash
c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc0750d90fb4ee-OSL
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.5.142

200 OK

389 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.5.142:0
ASN
#198622 Adform A/S

File type
ASCII text, with CRLF line terminators
Size
389 B (389 bytes)
Hash
5a74017103df4d39794cc8c72bfa131f
b277bb2fea9d6f2f72874dbcfa1dc93bb2eee8c2
0e23ab2e64a803eed74830dae35b6b0296f53c216d74301bafe7f9cadebd6537

HTTP Headers

GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: text/javascript; charset=utf-8
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

172.67.22.147

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752b894b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-2.png

172.67.22.147

200 OK

2.2 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2192 bytes)
Hash
c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca

HTTP Headers

GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7070462
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752b895b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-3.png

172.67.22.147

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-3.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1807 bytes)
Hash
fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680

HTTP Headers

GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9474225
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752b89db511-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc07526b18b4ee-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-1.png

172.67.22.147

200 OK

3.5 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3452 bytes)
Hash
09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376

HTTP Headers

GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8d7b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/mega-jackpots.png

172.67.22.147

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/home-page/mega-jackpots.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size
64 kB (63747 bytes)
Hash
b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d

HTTP Headers

GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9467766
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8ceb511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-2.png

172.67.22.147

200 OK

2.6 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Size
2.6 kB (2616 bytes)
Hash
bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7

HTTP Headers

GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9470068
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8d9b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-1.png

172.67.22.147

200 OK

4.4 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4434 bytes)
Hash
3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6

HTTP Headers

GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8dbb511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

172.67.22.147

200 OK

24 kB

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
24 kB (24066 bytes)
Hash
5bb968bfe72e9e26155dbc32c2bede58
39b4e058c716a17382c7cec9410a2eb27ba742e3
6fcb85b7703b937704272e3a4c3481a16768f0695b9f3443569a4c1151b1891b

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7070462
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752c8b0b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-1-1.png

172.67.22.147

200 OK

4.3 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-1-1.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4257 bytes)
Hash
214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0

HTTP Headers

GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8d1b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/loyalty.png

172.67.22.147

200 OK

9.7 kB

URL HTTP/2
www.megarush.com/img/benefits/loyalty.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9659 bytes)
Hash
df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8

HTTP Headers

GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9470068
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752e8e0b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

172.67.22.147

200 OK

13 kB

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (12998 bytes)
Hash
cb4bb6f6b783f3e3e59ecbfd6abdf3d8
314c4a958e4da321668e71d9a06de773dcd72976
9dff01d6755618191aca6e26e828a5ca3f8ae86acf96b7b489fb3f0b54e330a6

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9306859
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8cbb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/feel-the-rush.png

172.67.22.147

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/home-page/feel-the-rush.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48691 bytes)
Hash
141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2

HTTP Headers

GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013236
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752f8f3b511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/norges-casino.png

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/affiliates/norges-casino.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12111 bytes)
Hash
453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e

HTTP Headers

GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34238664
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752f8fcb511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/online-gamblers.png

172.67.22.147

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/affiliates/online-gamblers.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14178 bytes)
Hash
9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c

HTTP Headers

GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34238664
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752f8fbb511-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

104.18.38.157

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc07529b55b4ee-OSL
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.5.142

302 Found

714 kB

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.5.142:0
ASN
#198622 Adform A/S

File type
data
Size
714 kB (714379 bytes)
Hash
31e48b5ab18b81775f3047e221b83a60
69ef3b410296afef5beb898258ca5189a6be489a
811da45845e590afcd24bfce99d427afea3f5b9f51a3c6b4b34b61232a7a9e6b

HTTP Headers

GET /Serving/TrackPoint/?pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=278079453505&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_48C5271B963F44EF9ECB3BE682F69039&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Oct-2022 13:57:20 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6e4a98d51a75aff0b68e04df533756
3e0f980f4494884e178b3698e9cfad77e7c010a3
56bbd6ddf21bed45e41622b35a8eb48727a542eec8ea73a6425d33e9c439bb79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:20 GMT
Last-Modified: Sat, 24 Sep 2022 12:45:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png

172.64.149.99

200 OK

31 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
31 kB (30644 bytes)
Hash
a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137

HTTP Headers

GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1570338
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12777-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc07534aa7b505-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

172.67.22.147

200 OK

6.7 kB

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.7 kB (6749 bytes)
Hash
990f23f7f76b18fd52ff1fc528774f45
1250a5b70cea1c05c1327375b3c737462c968b8d
dd6aadcf95932de1f5d40b2d62dc02093639da0d2edab2c755c58701c137cbb0

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17963535
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753a9d7b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2-small.png

172.67.22.147

200 OK

4.2 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2-small.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Size
4.2 kB (4245 bytes)
Hash
8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0

HTTP Headers

GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 11 Jul 2022 12:54:28 GMT
etag: "62cc1d84-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6366761
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754db0db511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-1-medium.png

172.67.22.147

200 OK

35 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-1-medium.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Size
35 kB (35333 bytes)
Hash
109f267221e2cee94514a7efaebd29a9
a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801

HTTP Headers

GET /img/home-page/smoke-1-medium.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 35333
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: "61656602-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29992243
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754db1ab511-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2.png

172.67.22.147

200 OK

75 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2.png
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74825 bytes)
Hash
b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade

HTTP Headers

GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9474225
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754db1db511-OSL
X-Firefox-Spdy: h2

www.megarush.com/js/chunk-vendors.25e1a372.js

172.67.22.147

200 OK

159 kB

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
159 kB (159148 bytes)
Hash
a9d5a4af20888245694f423f4f8a5be7
3dbb79f16a7ae157342f8503dbd74321d1354daa
181151212a84208d22ce2caf5cc8c45a5806f852dd1414d52b368d8dc515a79b

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 371
server: cloudflare
cf-ray: 74fc074d09f9b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

172.67.22.147

200 OK

84 kB

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
84 kB (84380 bytes)
Hash
f7b62c279c9d910bd02a3157f5f57038
b487151865f43019d49cf17644f85a500f2e81ce
ee931b040d0a2d8157fa9d5f47b6fe5f8b9a63718db98622fac10c637fa18448

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9475506
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752d8c9b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12573
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 13:57:20 GMT
Connection: keep-alive

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

104.18.38.157

200 OK

2.5 kB

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.5 kB (2468 bytes)
Hash
d5a12964c4e1e5fb268c3cf4e010a4c5
bb357c947ec58e9fca297936579dec2ccf156d5a
382f32454c8fcc7660402ffeb83b6bc9d4fd5575b53a4305ddfc3453832bdea4

HTTP Headers

POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f0cbe06b03420a86dd374
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=a97e9b23ef57e88ea120d9331828b0a7; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc07531bf9b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

172.67.22.147

200 OK

5.8 kB

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.8 kB (5825 bytes)
Hash
9960f253b27d44a6e2c94f9d73bfc3d1
b97785e7ec33ba693eb985288dc7105f3b4dd6be
a1cc4036a87f281efce1446010d1819d1cb3f50c2601e44caeaf2c633a130a9d

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 371
server: cloudflare
cf-ray: 74fc074d09f3b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/logo.4c52d90d.svg

172.67.22.147

200 OK

1.6 kB

URL HTTP/2
www.megarush.com/img/logo.4c52d90d.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.6 kB (1578 bytes)
Hash
78010f3ca129ab4daff4dc8f16ec76c1
6f7ea2af199ad4191a51da5e3afbc75eca17d6b9
c68d6bbf80f941ae9c4b4e44656d8c92a4bc48b01e3d685196565e3e73c46e46

HTTP Headers

GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9470068
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754eb36b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9935 bytes)
Hash
55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 57810
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/blue-jackpot.svg

172.67.22.147

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (10660 bytes)
Hash
be8c86b7a14d84181f8b55aa6e0d7912
c0718e778efcef3819dc6db2a7064c5f9aa10c70
600e762d4f7fd27a0fe91f429f5cb36503e33c8f528cd0b84dc504e2a7935956

HTTP Headers

GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29992270
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754eb20b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 57624
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 57884
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/icons/askgamblers.svg

172.67.22.147

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/icons/askgamblers.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
12 kB (11705 bytes)
Hash
1ea7f61df7229156884eb3aed2e7a43a
74f4054fec5b29ef3f2baeb1ca0eaed173ca7f76
6f57d011cf0eea4093f5ec1f7ea7fe00c86c84c86c44ceb2e9369728a2ae54e7

HTTP Headers

GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9470068
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc07542a51b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 58171
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-1.svg

172.67.22.147

200 OK

66 kB

URL HTTP/2
www.megarush.com/img/home-page/grid-new-1.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
66 kB (66321 bytes)
Hash
bcbf08a2f69ac752877cbf97c5743e17
666271a91ef2f9b89340ae4575d4d6b0ff10c2a1
ca39a9a52b25347bdd92228b4c75804dc4d13d12aaa22109cd3ab895cfcbeae9

HTTP Headers

GET /img/home-page/grid-new-1.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9474225
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754db1cb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css

151.101.86.249

200 OK

3.5 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (23516), with no line terminators
Size
3.5 kB (3509 bytes)
Hash
9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 13:57:20 GMT
Age: 5282486
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1665-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 19236
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js

151.101.86.249

200 OK

128 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (128502 bytes)
Hash
7df9c0e817e6c590d425318e45cc7018
75b39efa29d69ed2be22d8fd194bb40c6407fec5
cf21f0bce2562d0c21fb677b9ad35bcabb3f4730e7edf3963b32d2798fd24f73

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.0bd2e6ee.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 128502
Last-Modified: Sat, 24 Sep 2022 06:54:26 GMT
ETag: "7df9c0e817e6c590d425318e45cc7018"
x-goog-generation: 1664002466831402
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 128502
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 13:57:20 GMT
Age: 25095
X-Served-By: cache-chi-kigq8000173-CHI, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 28
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js

151.101.86.249

200 OK

216 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
216 kB (216408 bytes)
Hash
6cfb055add86ca9eaec1ea804e296841
2428216fd79584b06b3ff68babf3af39ac66bd60
771e7bc985b7d1826034161d255037b8ecdb3d693379ade56e24664712d7d3c8

HTTP Headers

GET /cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 216408
Last-Modified: Fri, 23 Sep 2022 13:58:28 GMT
ETag: "6cfb055add86ca9eaec1ea804e296841"
x-goog-generation: 1663941508891823
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216408
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 13:57:20 GMT
Age: 86118
X-Served-By: cache-chi-klot8100040-CHI, cache-bma1631-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ae581badf3b61d74e3e25f90aed4257
8cdd715c29f4c9d69aaa2f58a317e4d09c6c1f89
9a6823b6c08d35ba73194b49f9e8c70a3bf676527e47af22c4c267c34e07367a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:57:21 GMT
Last-Modified: Sat, 24 Sep 2022 12:17:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

www.megarush.com/img/icons/playAndGo.svg

172.67.22.147

200 OK

1.9 kB

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.9 kB (1914 bytes)
Hash
4702eaab64152223814e2bc418fd007f
07a340f8c9308bd95bf92621e3f63bbf1c75bf13
c3338f94d477554677b1270b523776f486040c1303860861317fbdb1c2edc22c

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31013067
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0752b8a0b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3bfa23872531b78193bc68ec913de72f
abd700287c8e9edcf4656b6c9bd34d02895b10fb
42aab877f9c25df9eb99949657431e7198a4db9bdf6c3fe06b025db8577bead7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "42AAB877F9C25DF9EB99949657431E7198A4DB9BDF6C3FE06B025DB8577BEAD7"
Last-Modified: Fri, 23 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1194
Expires: Sat, 24 Sep 2022 14:17:15 GMT
Date: Sat, 24 Sep 2022 13:57:21 GMT
Connection: keep-alive

graphql.datocms.com/

104.22.2.238

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.2.238:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:21 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74fc0758ec5c1c02-OSL
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2

151.101.86.248

200 OK

84 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
84 kB (84088 bytes)
Hash
4eaffdf96f4c6f984686e93d5d9cb325
8c576f620ae00a66282d8eb10dc2eb580888aaf1
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

HTTP Headers

GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 13:57:21 GMT
Age: 394612
X-Served-By: cache-chi-klot8100099-CHI, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 29
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

109 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
b28fb9adde8e1862478c9fdcca06cedf
0bd9ebc4a3e9635a9a38464b2b68d6ce86a3a96e
06c304863764dc9a79303a9c1abf4257930418f7486817e3f8a9ac4a2d5f6b6e

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Sat, 24 Sep 2022 13:57:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (89536 bytes)
Hash
fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Sat, 24 Sep 2022 13:57:21 GMT
Age: 1105862
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

graphql.datocms.com/

104.22.2.238

200 OK

132 kB

URL HTTP/2
graphql.datocms.com/
IP
104.22.2.238:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
132 kB (131473 bytes)
Hash
0a0beb358f4f21ca23131a5f791a0258
52daa6d54687b82532427438e4bce02fb66eddbd
8f8b8b6395dc6232b333ae0dab15bb8a4bb90932f9600649e4257b1c5c8fb006

HTTP Headers

POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:21 GMT
content-type: application/json; charset=utf-8
cf-ray: 74fc0758fc691c02-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1591049
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 39
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1633-BMA
x-timer: S1664027841.458973,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

54.192.137.18

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
54.192.137.18:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 24 Sep 2022 13:20:27 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e7d7493b05b69b0a79cf885a2853ae6e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
x-amz-cf-id: pjGSyEqWWMWgZ-07xMS_Ct1b6I2vqyp4lj7xJ0IJy8kMt_aoaV2DDA==
age: 2253
X-Firefox-Spdy: h2

pxl.qccerttest.com/pixel?r=1258954181;fpan=1;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840564;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ogl=

13.224.245.20

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=1258954181;fpan=1;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840564;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ogl=
IP
13.224.245.20:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=1258954181;fpan=1;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840564;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 06:11:47 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 dc0383f8a7f988bb3d615f033fbb4aac.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: jAFG-RqvivnESjjPiTAoFJOeWcKTnaHYG5wUSW3qqhRx9ydPd6Cp-g==
age: 29364
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1514759492;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840566;tzo=0;ogl=;ses=7c96c3ee-0021-4cff-a5f2-6bdd4d38e3a1

91.228.74.166

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1514759492;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840566;tzo=0;ogl=;ses=7c96c3ee-0021-4cff-a5f2-6bdd4d38e3a1
IP
91.228.74.166:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1514759492;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1002313751%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_48C5271B963F44EF9ECB3BE682F69039;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-130054827-1664027840564;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1664027840566;tzo=0;ogl=;ses=7c96c3ee-0021-4cff-a5f2-6bdd4d38e3a1 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:21 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632f0cc1-bbef9-2bf76-e6016; expires=Wed, 25-Oct-2023 13:57:21 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:57:21 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:57:21 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 13:57:21 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

35.188.42.15

200 OK

2 B

URL HTTP/1.1
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 13:57:21 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 24 Sep 2022 13:57:21 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/video/header-video-720p.webm

104.18.38.157

206 Partial Content

1.3 MB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.3 MB (1336865 bytes)
Hash
63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 24 Sep 2022 13:57:22 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Sat, 24 Sep 2022 17:57:22 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74fc075b5d51b4ee-OSL
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

172.67.22.147

200 OK

8.4 kB

URL HTTP/2
www.megarush.com/service-worker.js
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
8.4 kB (8373 bytes)
Hash
36155028009d943510e8e74a9a051563
c4f746b8a1cebc46d4fb3e5934441c2aced3796a
219f0efdcdcdb82e7c1e2e140b16c8cb99d38f9d2684b6f46a112fc989fbb674

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:22 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Sat, 24 Sep 2022 13:57:52 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc075d2c4cb511-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8557 bytes)
Hash
33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KfRlAHaZjrBNyxoYsUtQZ0TgMGD99mnrC3GViYCTRcHPtDfgYbLczg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:02:30 GMT
age: 57297
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

107 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
107 B (107 bytes)
Hash
5bb2be89c0476816e36ad80e99b53b89
73764f465fd0c465f846f070ca74d1911f654a5c
d14ee5dd19858b6696b67ad54c464d34b9df0bc81359918731656747f428aad1

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 107
date: Sat, 24 Sep 2022 13:57:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ungroudonchan.com/4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb

139.45.197.238

200 OK

0 B

URL HTTP/2
ungroudonchan.com/4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4598789?ymid=SQStAjm7QhvYjLR54PM9TE&var=074b5bba-80ab-4a33-86df-edbd736e35eb HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:57:18 GMT
content-type: text/html; charset=utf8
x-trace-id: 7c1f4724832836935b897fac0d965899
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=69e0c5b7f40b4263a451d0a61c5eabb7; expires=Sun, 24 Sep 2023 13:57:18 GMT; path=/; secure; SameSite=None
oaidts=1664027838; expires=Sun, 24 Sep 2023 13:57:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/scripts/b_megarush.js

172.67.129.58

200 OK

0 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
172.67.129.58:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 02f9ab32-6aca-45e1-9971-5199c2ac6072
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.003262
expires: 2022-08-25 13:57:19 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCdQkeo8tajRU8pKkIEQ2mTDgtxFFp54rKQ68VAi%2BPtQ19Udq%2Fc4uetySCpnHsj5%2Bjw459vBhUfisKKUNcvRHeNSHJ4FCF6J4SsBZ3ASx86LAghxa4Ddt28xGH%2FvLdUV%2B%2BwdicGF87wbtLmI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fc074e7e24b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

0 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632f0cbe06b03420a86dd374
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=ec165fe678b48342d2debd4134e1852b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc0752ebcbb4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9475506
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753b9f3b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/ibas.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/ibas.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34238663
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc07541a44b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamblersanonymous.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gamblersanonymous.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7071037
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc07542a4bb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/iso.fc5b238b.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/iso.fc5b238b.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34238663
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754eb2eb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

0 B

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=75037e7ff0649fdd4bc57c2308bd8f49; path=/; expires=Sun, 24 Sep 2023 13:57:20 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D75037e7ff0649fdd4bc57c2308bd8f49%26device%3Ddesktop; path=/; expires=Sun, 25 Sep 2022 13:57:20 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 8bdf1d12936631fd
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.6.235

200 OK

0 B

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.6.235:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
etag: W/"64271612f9771203ff18d1de033d1b31"
x-amz-request-id: tx0000000000000b52486e7-00632ef0df-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17986261
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753697db511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9475814
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753798ab511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9463549
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753ea15b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:19 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fc074c896eb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17963535
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753697fb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--updated.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/promotions--updated.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9470068
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc07537994b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/astropaycard--white.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/astropaycard--white.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_48C5271B963F44EF9ECB3BE682F69039
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7071037
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0753b9f2b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple-jackpot.svg

172.67.22.147

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/purple-jackpot.svg
IP
172.67.22.147:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.921293711.1664027839; _gid=GA1.2.2098096337.1664027839; _gat_UA-143790984-2=1; btag=656126_48C5271B963F44EF9ECB3BE682F69039
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:57:20 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9447363
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc0754db1fb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations