telego.online/bg/bx/vegg/
109.235.66.99302 Found 0 B URL HTTP/1.1 telego.online/bg/bx/vegg/
IP 109.235.66.99:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /bg/bx/vegg/ HTTP/1.1
Host: telego.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 08:39:04 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 08:10:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pH2JDDXfMHdW8aSuJYC-yO7zQV5mmckRJiMxQdH32MTd28AnUfVXJw==
Age: 1722
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8457
Expires: Thu, 15 Sep 2022 11:00:01 GMT
Date: Thu, 15 Sep 2022 08:39:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lf6HdGBS5RBWolNGkyNXEz-GzHSOBCk7tndX9L6bHp7RYnD60BVoMg==
age: 14629
X-Firefox-Spdy: h2
whampamp.com/4/5087048?var=ed2
139.45.197.236200 OK 2.9 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ed2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Hash 7b2e67583f30c4515fa9792ee4bc0ca0
d841036b456a440620c0b5ec401df32f792bfc89
f70fa9b36fd54241211aee3d21d7737b7df01ae4baa45189b6dc8d941112314d
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ed2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:39:04 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 9ba9edecbc7ecbb4352eb98281d30db0
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=db80dda388f0468a8d6f07825d4b95ee; expires=Fri, 15 Sep 2023 08:39:04 GMT; path=/
oaidts=1663231144; expires=Fri, 15 Sep 2023 08:39:04 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 08:39:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ed2
Cookie: OAID=db80dda388f0468a8d6f07825d4b95ee; oaidts=1663231144
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 15 Sep 2022 08:39:04 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 41f9179e59a25f47d57ee44aedba74e7
0fc36a87fcedb98f3748739cc0718470de2f59c2
b4a615e3b1606fa2e99cbfca9a7a7b93257ebcf5957c308cfbaf7f8d4f37415a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 08:39:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:21:26 GMT
Expires: Tue, 20 Sep 2022 01:21:25 GMT
Etag: "0fc36a87fcedb98f3748739cc0718470de2f59c2"
Cache-Control: max-age=405140,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b00cbfaa3e1c12-OSL
my.rtmark.net/img.gif?f=merge&userId=db80dda388f0468a8d6f07825d4b95ee
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=db80dda388f0468a8d6f07825d4b95ee
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=db80dda388f0468a8d6f07825d4b95ee HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=db80dda388f0468a8d6f07825d4b95ee; expires=Fri, 15 Sep 2023 08:39:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=db80dda388f0468a8d6f07825d4b95ee; oaidts=1663231144
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 15 Sep 2022 08:39:05 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 215cea2087a62f37ae0169bcc8c04e71
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=594197086279574432&subid1=5087048&cost=0.000519&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=db80dda388f0468a8d6f07825d4b95ee; expires=Fri, 15 Sep 2023 08:39:05 GMT; path=/
oaidts=1663231144; expires=Fri, 15 Sep 2023 08:39:05 GMT; path=/
syncedCookie=true; expires=Thu, 22 Sep 2022 08:39:05 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 08:54:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F8Mib1bItCDCgGzJZ50MVv3eq9EAGa87S4Kau6iJHbaKpFzAtr4TcA==
Age: 2143
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a113694c67339c551c77077752ffa540
3027db22fec221b7919c7627d5dd1f819fdf6f49
36b3d907c0194f6cb8598dd9ca65f5b0cac7de21ba03b81172180b245ee77859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B3D907C0194F6CB8598DD9CA65F5B0CAC7DE21BA03B81172180B245EE77859"
Last-Modified: Wed, 14 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11312
Expires: Thu, 15 Sep 2022 11:47:37 GMT
Date: Thu, 15 Sep 2022 08:39:05 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=594197086279574432&subid1=5087048&cost=0.000519&rdk=rk3
157.90.33.73302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=594197086279574432&subid1=5087048&cost=0.000519&rdk=rk3
IP 157.90.33.73:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=594197086279574432&subid1=5087048&cost=0.000519&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 15 Sep 2022 08:39:05 GMT
content-length: 0
x-trace: 6c64c4f35cce7818ff7918e5aa39400f
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=8HL8s8FcSOySiWRNy5r8tg; expires=Fri, 15 Sep 2023 08:39:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:05 GMT
Last-Modified: Thu, 15 Sep 2022 07:15:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 15 Sep 2022 08:39:05 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
23.36.79.9301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 15 Sep 2022 08:39:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 15 Sep 2022 08:39:05 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663231145519)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C2022915839%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224483464%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Sat, 15-Sep-3021 08:39:05 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=47
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j46TjdEByL4qk6R5dn/bCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: APBr2yvMZmkOFTTP/nMhH+c4Ssk=
www.megarush.com/fonts/DS-Digital.woff2
104.22.31.168200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 104.22.31.168:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cc49f90b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
104.22.31.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 104.22.31.168:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cc49f86b523-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/fonts/Inter-ExtraBold.woff2
104.22.31.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-ExtraBold.woff2
IP 104.22.31.168:0
File type Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Hash d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cc49f85b523-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
142.250.74.72200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP 142.250.74.72:0
File type ASCII text, with very long lines (23513)
Hash b020c2dffb3473f4ed8e54eaf5787961
c3dac4ef1303b63982b7ff7b35da363db8c3edb5
e592804e1850d436e7c90a1b4d5be9d89c5ac964952460220990c0cbbe0ee0a0
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 08:39:05 GMT
expires: Thu, 15 Sep 2022 08:39:05 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/index.3e5fca25e481a764411c.css
104.22.31.168200 OK 34 kB URL HTTP/2 www.megarush.com/index.3e5fca25e481a764411c.css
IP 104.22.31.168:0
Hash 93424cd0de2681a1bb85e987db40ebc4
eca30f7c5c0685fdd8da1358b4dfd1cecaf23027
472d4766b34258ac756ca88faf5903c69716604d426864bf0ddee94805a691d1
GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6195
server: cloudflare
cf-ray: 74b00cc4af96b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/scripts/b_megarush.js
172.67.170.210200 OK 597 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 172.67.170.210:0
Hash fe7cf5460e96c249b3fbbf93e1dc4c2a
f6f1b9b7fa4c7d96b47afbe4dd6aac049f34454f
566235c9327d204f043caf4503a72675e16a5ea87ea3885194cdcc6cfd380d2e
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 0afa1528-53e8-42fc-9c65-fc3e7616a4c4
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004111
expires: 2022-08-16 08:39:06 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdemFIJDYjixxa0z%2FhCemuB%2BPsxuOLmXVRe38OaEZBZL8%2FDBbMn00HYxLabGfCP3GTywzXde%2FwIP8rmvpuyRifydKHEUk%2FNCPXMcxvod96ntHr6htryVIu6HyYuUgXYN549qZyPH9XNF5sHf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b00cc65fe1b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.megarush.com/favicons/favicon-16x16.png
104.22.31.168200 OK 437 B URL HTTP/2 www.megarush.com/favicons/favicon-16x16.png
IP 104.22.31.168:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6274730
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cc78b6cb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/favicons/favicon-194x194.png
104.22.31.168200 OK 12 kB URL HTTP/2 www.megarush.com/favicons/favicon-194x194.png
IP 104.22.31.168:0
File type PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441289
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cc78b6bb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/chunk-vendors.76e8e4d0.css
104.22.31.168200 OK 17 kB URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 104.22.31.168:0
Hash ad8ab2bacc4b651e83697e04b1ada232
431e0520849f04c92048b624726b2066fcf06489
7403e2652fde8d9b50402b84aa9296647154d056011bb2a760ff53ac67398dc4
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Wed, 14 Sep 2022 16:50:19 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6475
server: cloudflare
cf-ray: 74b00cc4af93b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5490768cb6087d9cd95bc809969d2eed
ab7243c0da9505ee816d0aab4808e664bdeb06e7
da2a09796a2cccf07057b019939f285f458757f46b7e0ffa0daadea838ff56cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:06 GMT
Last-Modified: Thu, 15 Sep 2022 08:18:25 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 7b4fe4bf5e4f6c037f2d4b626e80a199
01b5766fb3d4b63ae1686b03b94eb168d3bd2f35
edaf7fb222b598ff47763c56084de81932982c62d0f6838b88d98b5f80d53f91
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/js/chunk-vendors.25e1a372.js
104.22.31.168200 OK 126 kB URL HTTP/2 www.megarush.com/js/chunk-vendors.25e1a372.js
IP 104.22.31.168:0
File type ASCII text, with very long lines (49824)
Size 126 kB (125588 bytes)
Hash 402eb20ab5cc76efa75b4fd548ec2f5b
c5eb4bc29af53f6edd0771fe3a3842e6744d35d9
9d3f8cdb79f7668fb0eeda7edf2397931d94d508aec3281242eedcdb86c321e4
GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6195
server: cloudflare
cf-ray: 74b00cc4af97b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 63 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash d720d9c7a26941dcca38a469673b2863
4c985e903ece1d84cca14d3dd12166b8e7b6925b
7ed116dc750bcbf3290fbf478332c0208ee4b914b64b44b6e49bccfa417f3014
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduN77iMKGv9TOrxs8TuzsADe5gTy8IXu73lwXLw1tHtLKcVQOtQu0mCaoxLB3sq7itjS-nva-R9EGnTYjCS3NRVWFoXj4wZ
x-goog-generation: 1663163967982920
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62929
content-encoding: br
x-goog-hash: crc32c=S62c9A==, md5=1yDZx6JpQdzKOKRpZzsoYw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62929
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 15 Sep 2022 07:45:19 GMT
expires: Thu, 15 Sep 2022 08:45:19 GMT
cache-control: public, max-age=3600,no-transform
age: 3227
last-modified: Wed, 14 Sep 2022 13:59:28 GMT
etag: "d720d9c7a26941dcca38a469673b2863"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 7b4fe4bf5e4f6c037f2d4b626e80a199
01b5766fb3d4b63ae1686b03b94eb168d3bd2f35
edaf7fb222b598ff47763c56084de81932982c62d0f6838b88d98b5f80d53f91
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6322e49b26682eec99408a0f
104.18.38.157101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6322e49b26682eec99408a0f
IP 104.18.38.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6322e49b26682eec99408a0f HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bWnIl+zRu8eDtgXWCUc6kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 15 Sep 2022 08:39:06 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: J0ui6jS5hg3tgIMnJ71hIlQb924=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b00cc7ec68b524-OSL
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96
37.157.6.241200 OK 389 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96
IP 37.157.6.241:0
File type ASCII text, with CRLF line terminators
Hash 5df4458f2b5f8186712791824e83b5c0
661eb6d7cd5450176a75d8bfa47584f35b70fa5f
3a8794a8cccff99610998acbe6b1009110d7542ab92150f8755efce1e13950a0
GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2daa3a1d65ed3376735381ef1ae45583
7e24b5c47ebce920b41ce7aaaa18a119abc5449f
15071b03516cf898e79ef45c2fda2db719230a68948599a560eab223e190df68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15071B03516CF898E79EF45C2FDA2DB719230A68948599A560EAB223E190DF68"
Last-Modified: Wed, 14 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9432
Expires: Thu, 15 Sep 2022 11:16:18 GMT
Date: Thu, 15 Sep 2022 08:39:06 GMT
Connection: keep-alive
megalotto-static.gigmagic.io/translations/no.json
172.64.149.99200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 172.64.149.99:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash c65c57dc0700025bf90a1adde1aff75b
32292b13109ae3c175acc85eb5c042e3433f2cbb
4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00cc8993eb512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0e27c41fe19ab494a8f730eb07bfa385
3570fc1e915751b73c2ae5a70f50a089d0245c6a
42933a399cd30d4777859addfefeba29659341254970421ed699dfcde251ec8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:06 GMT
Last-Modified: Thu, 15 Sep 2022 07:17:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1667394352&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_9BDA3557C2724031925ECA4FC4D66D96
37.157.6.241200 OK 11 kB URL HTTP/2 track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1667394352&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_9BDA3557C2724031925ECA4FC4D66D96
IP 37.157.6.241:0
Hash 8ea169dbb24e8687b8378e9aea55b36e
eae9705b681654bafca29b14832558fb6d8cd716
b0f06e0ac720670698fccef99e49f6e484a85f6ef1ccc3b25d31e5eca5a21c5e
GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1667394352&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_9BDA3557C2724031925ECA4FC4D66D96 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 76 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash 483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 377
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Thu, 15 Sep 2022 08:39:06 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2daa3a1d65ed3376735381ef1ae45583
7e24b5c47ebce920b41ce7aaaa18a119abc5449f
15071b03516cf898e79ef45c2fda2db719230a68948599a560eab223e190df68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15071B03516CF898E79EF45C2FDA2DB719230A68948599A560EAB223E190DF68"
Last-Modified: Wed, 14 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9432
Expires: Thu, 15 Sep 2022 11:16:18 GMT
Date: Thu, 15 Sep 2022 08:39:06 GMT
Connection: keep-alive
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00cca7c03b512-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
104.22.31.168200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 104.22.31.168:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216542
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccabf53b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-2.png
104.22.31.168200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 104.22.31.168:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6273768
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccabf56b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
104.22.31.168200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 104.22.31.168:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8677531
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccabf5cb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
104.22.31.168200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 104.22.31.168:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8671072
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf6cb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-1-1.png
104.22.31.168200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 104.22.31.168:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216542
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf6fb523-OSL
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=34fdca89e4fd66eb7f1ce63e4291fa5e; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00ccaac30b512-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
104.22.31.168200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 104.22.31.168:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216542
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf72b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
104.22.31.168200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 104.22.31.168:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216542
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccadf7bb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
104.22.31.168200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 104.22.31.168:0
Hash 80b8731b148c3b0fe14e212160b6ee24
303bc6ceccbaf7230a51c74eb13833475e4563d1
14c9b2594032ce1cc99e075fd0c0d6123c51ebcf0a20299b673122bb95ced486
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216373
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccabf5eb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/promotions.png
104.22.31.168200 OK 21 kB URL HTTP/2 www.megarush.com/img/benefits/promotions.png
IP 104.22.31.168:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1792829
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccadf7fb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/loyalty.png
104.22.31.168200 OK 9.7 kB URL HTTP/2 www.megarush.com/img/benefits/loyalty.png
IP 104.22.31.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8673374
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccadf89b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/megaclub.png
104.22.31.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/benefits/megaclub.png
IP 104.22.31.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash 6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1898352
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccaef8cb523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/feel-the-rush.png
104.22.31.168200 OK 49 kB URL HTTP/2 www.megarush.com/img/home-page/feel-the-rush.png
IP 104.22.31.168:0
File type PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Hash 141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30216542
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccaef92b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
104.22.31.168200 OK 15 kB URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 104.22.31.168:0
Hash 0a74055bb3f601c1f49d6147c2a6ad73
ea06b465e9c33192d14534c79cb665e14991fea4
2c9af8479899040a67e88f4a8594c46cfeaf7247f9ca995654bb208dffe85a7e
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8678812
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf66b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/norges-casino.png
104.22.31.168200 OK 12 kB URL HTTP/2 www.megarush.com/img/affiliates/norges-casino.png
IP 104.22.31.168:0
File type PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Hash 453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441970
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccaff9cb523-OSL
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/games/no_NO.json
172.64.149.99200 OK 714 kB URL HTTP/2 megalotto-static.gigmagic.io/games/no_NO.json
IP 172.64.149.99:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 714 kB (714008 bytes)
Hash 2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00cca6bf2b512-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
104.22.31.168200 OK 1.3 kB URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 104.22.31.168:0
Hash 5944d70f8563ddeeee531eee527d0253
afc6494fa663ebb24d752358956dd356c253a4b5
c63241cb6e5be8a28633d7d8b2a0f01fd07eaf06823382a659e4e717356813be
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8679120
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb6851b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
104.18.38.157200 OK 31 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 104.18.38.157:0
File type ISO Media, AVIF Image\012- data
Hash a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 773644
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12749-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00ccb3fb8b51e-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mga.svg
104.22.31.168200 OK 1.4 kB URL HTTP/2 www.megarush.com/img/icons/mga.svg
IP 104.22.31.168:0
Hash f7fabedc53506ddb6810d412e800efd1
1b36f4541bc9a3fd2ec414307a524ecaeb8161fd
95ff19ea9a3e8b743c606bb1fd6d4427d31eacee80befe295a4a6ffb7e70f2f8
GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8677530
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698cb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/begambleaware.svg
104.22.31.168200 OK 3.1 kB URL HTTP/2 www.megarush.com/img/icons/begambleaware.svg
IP 104.22.31.168:0
Hash 2cf482e52db349341e6525b0c3b56e6e
a0e6e2d3173e9d4bcc33d8439404cd870f2f370b
83f497b35896711dee9c3b8769b529689aec6963440bdcce55633b27ed21baf8
GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15223
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 08:39:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 419d9299d6ceb207d58ad1df6f142ab2
433c9a96ad1e2a7243db5cc6aae769fdfe432599
341af5ad79551de1648463bb5cf77d78e8f728d14c9d2621359b13e8a492134e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6460
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:39:07 GMT
Last-Modified: Thu, 15 Sep 2022 06:51:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 39142
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
104.22.31.168200 OK 7.3 kB URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 104.22.31.168:0
Hash 6903527ae6ea2284ba11977aef67d65e
b6f6d68bea8dc8dc8bd6a59b67b8720ffb39e350
82758b0c53fe0e6482a13dae0199a072c2b9e8453a36194d2ce92eb9bca504e1
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb989fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/help-round.svg
104.22.31.168200 OK 12 kB URL HTTP/2 www.megarush.com/img/icons/help-round.svg
IP 104.22.31.168:0
Hash 74ed0d9b7fcaa66094a53b0bc3eb1c66
7ecb7e5e7a317e11d66ca6877d740f986543ef93
ced218f6977c988529a06d450d60ba1730a0e498b31c450318b12ec3732aed61
GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb989eb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--updated.svg
104.22.31.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/icons/promotions--updated.svg
IP 104.22.31.168:0
Hash 80d71a9fc0984e7384ca3764383b7041
5375ba3182b62a08ec8f839a460acb4acc65b2e6
fb3a85684bf781b94b0d87661bb3bfe0511633bc1443803fe4675b371d143b52
GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8673374
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb685cb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--flat.svg
104.22.31.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/icons/live-casino--flat.svg
IP 104.22.31.168:0
Hash 7920ff8372b5ced3fec29d2577690e68
ba92f6cc3c0f0c2363566116581bbb90501b66ca
6c5c92e9ce48ebeaa42a4a705c65f8f4fa923c12d2aedb9119ee23ac09b87650
GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb98a1b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aaf675adec05212317877a5f479d11a7
cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _BTSN2zHd-FiETAJVrQhk9Odsn_M3GGs0nU0QpLrE9Rpin0VQPzy2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:41 GMT
age: 37166
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2-small.png
104.22.31.168200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2-small.png
IP 104.22.31.168:0
File type PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Hash 8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0
GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 11 Jul 2022 12:54:28 GMT
etag: "62cc1d84-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5570068
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccea15b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-1-medium.png
104.22.31.168200 OK 35 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-1-medium.png
IP 104.22.31.168:0
File type PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Hash 109f267221e2cee94514a7efaebd29a9
a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801
GET /img/home-page/smoke-1-medium.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/png
content-length: 35333
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: "61656602-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29195550
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccea2db523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2.png
104.22.31.168200 OK 75 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2.png
IP 104.22.31.168:0
File type PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Hash b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade
GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8677532
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa30b523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/question-mark-1.d872b1da.png
104.22.31.168200 OK 54 kB URL HTTP/2 www.megarush.com/img/question-mark-1.d872b1da.png
IP 104.22.31.168:0
File type PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Hash d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96
GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/png
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7809484
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa3ab523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gamblersanonymous.svg
104.22.31.168200 OK 84 kB URL HTTP/2 www.megarush.com/img/icons/gamblersanonymous.svg
IP 104.22.31.168:0
Hash b543d36ed576a0ea85fa49409a74d658
ce296abd7536787640fec1198d0a51c448920041
a14d50835d50e164cfe7656c52f52abab23678214901303b30021ba4ef7f5623
GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6274343
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc6994b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/grid-new-2.svg
104.22.31.168200 OK 5.4 kB URL HTTP/2 www.megarush.com/img/home-page/grid-new-2.svg
IP 104.22.31.168:0
Hash 144ffb997b41bab9dedb7f622e10cdc6
e21dfa6bb5cecc1db94e5a5d1f28ef55b32a1d68
54e03831a8bb4189303111aa7da8867aca87cfe30cc34d1322b820c37651f79e
GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28678479
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa42b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=1863086117;fpan=1;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132201;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ogl=
143.204.55.35200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=1863086117;fpan=1;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132201;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ogl=
IP 143.204.55.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=1863086117;fpan=1;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132201;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 02:11:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PA-BlN6jSo0sMi_kP_bVsDmcHB8rZhATaH5MeBG4-uWTO7XNc0S6qQ==
age: 23255
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=2095476076;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132204;tzo=0;ogl=;ses=c0d42f94-2b35-415f-b64f-da9c5d9621da
91.228.74.206200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=2095476076;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132204;tzo=0;ogl=;ses=c0d42f94-2b35-415f-b64f-da9c5d9621da
IP 91.228.74.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=2095476076;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1667394352%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_9BDA3557C2724031925ECA4FC4D66D96;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-2105738233-1663231132201;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663231132204;tzo=0;ogl=;ses=c0d42f94-2b35-415f-b64f-da9c5d9621da HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6322e4ab-204f0-0a614-2aa13; expires=Mon, 16-Oct-2023 08:39:07 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
www.megarush.com/video/arcade-game.webm
104.22.31.168206 Partial Content 61 kB URL HTTP/2 www.megarush.com/video/arcade-game.webm
IP 104.22.31.168:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoMD12Mi5Ku6jAAqA0MeAg==; expires=Sat, 15-Oct-22 08:39:07 GMT; domain=$host; path=/
server: cloudflare
cf-ray: 74b00ccd2a7bb523-OSL
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
151.101.86.249200 OK 3.5 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP 151.101.86.249:0
File type ASCII text, with very long lines (23516), with no line terminators
Hash 9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c
GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:39:07 GMT
Age: 4485791
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 50206
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25200 OK 152 kB URL HTTP/2 open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (152305 bytes)
Hash 0eed0dd6c42353c95680d8161f90096f
adf6cfac610f9515e2029dee388a7323f2191ae0
b3369c63880a7393750f5f5af3d4d0e2bc91c7ffee9708b290cb7c3b0ea3da94
GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=8f0353f950dc96d7c0382b9aaff76709; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8f0353f950dc96d7c0382b9aaff76709%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=8f0353f950dc96d7c0382b9aaff76709; path=/; expires=Fri, 15 Sep 2023 08:39:06 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: cb152c530aa9d6d4
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
151.101.86.249200 OK 216 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
IP 151.101.86.249:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 216 kB (216461 bytes)
Hash 7e2514e9bc34d8a3de8cad16b3583170
49e70f24621b8939352c100f2ab2285c25e0413f
8507f3301310702977f9f1a095b99cbf0d6f5c0d47f5a56514fe579e72cb16e1
GET /cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 216461
Last-Modified: Wed, 14 Sep 2022 19:13:16 GMT
ETag: "7e2514e9bc34d8a3de8cad16b3583170"
x-goog-generation: 1663182795945010
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216461
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:39:07 GMT
Age: 48156
X-Served-By: cache-chi-klot8100084-CHI, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 268
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0fd68a0b25454cf41fd18dd6b26623d
9feb3c676766c68231bcdf50898a3293ef59a537
f0b624df55f84bfca5754c795ffe907b6592efb5583375c734fd9d5d86e07aa2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F0B624DF55F84BFCA5754C795FFE907B6592EFB5583375C734FD9D5D86E07AA2"
Last-Modified: Tue, 13 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16544
Expires: Thu, 15 Sep 2022 13:14:51 GMT
Date: Thu, 15 Sep 2022 08:39:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0fd68a0b25454cf41fd18dd6b26623d
9feb3c676766c68231bcdf50898a3293ef59a537
f0b624df55f84bfca5754c795ffe907b6592efb5583375c734fd9d5d86e07aa2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F0B624DF55F84BFCA5754C795FFE907B6592EFB5583375C734FD9D5D86E07AA2"
Last-Modified: Tue, 13 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16544
Expires: Thu, 15 Sep 2022 13:14:51 GMT
Date: Thu, 15 Sep 2022 08:39:07 GMT
Connection: keep-alive
graphql.datocms.com/
104.22.3.238200 OK 0 B IP 104.22.3.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b00cd0dad5b4f4-OSL
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 108 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 044797b84554016b8427808e4aa159a5
f2f479bf0031f64199e2792f715d1d2204865c2f
b0c8ccf6a7371c271fbac74269648f57e7a6fbd525f76efa402a08d7673827b4
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 108
date: Thu, 15 Sep 2022 08:39:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4
172.64.149.99206 Partial Content 1.4 MB URL HTTP/2 megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4
IP 172.64.149.99:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.4 MB (1434504 bytes)
Hash ef2fd3c75c04534c25fdac482c7ee8c6
699d8354bca6eec10a42dfc09d487bcb0799b7be
eec8813f008ea69f721a64821f756be51ba974494d160b12d9b3cd6bda7bb39b
GET /video/header-video-720p-av1.mp4 HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: video/mp4
content-length: 981973
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:08 GMT
etag: "2afd3c14d9a3bb96572c32fd6858f451"
cf-cache-status: HIT
age: 100
expires: Thu, 15 Sep 2022 12:39:07 GMT
cache-control: public, max-age=14400
content-range: bytes 0-981972/981973
server: cloudflare
cf-ray: 74b00cd10e09b512-OSL
X-Firefox-Spdy: h2
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
151.101.86.248200 OK 131 kB URL HTTP/1.1 i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size 131 kB (130780 bytes)
Hash ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111
GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:39:08 GMT
Age: 776206
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 258
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
Hash 4eaffdf96f4c6f984686e93d5d9cb325
8c576f620ae00a66282d8eb10dc2eb580888aaf1
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:39:08 GMT
Age: 1911034
X-Served-By: cache-chi-klot8100167-CHI, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
Hash fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:39:08 GMT
Age: 309169
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Thu, 15 Sep 2022 08:39:07 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Thu, 15 Sep 2022 08:39:07 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
graphql.datocms.com/
104.22.3.238200 OK 695 B IP 104.22.3.238:0
Hash 1f387409e0dc658b724deda516017833
42e9c963f55e598ddf3aaecdee01dc76d0165a88
60cca85bd7836e07af1445adc618effb4fe481e552af3694c69a5430905a5502
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: application/json; charset=utf-8
cf-ray: 74b00cd0faffb4f4-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 794354
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1655-BMA
x-timer: S1663231148.690883,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 15 Sep 2022 08:39:08 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 15 Sep 2022 08:39:08 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 112 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65acbb9b08bf66b5a4fd1ee1363efd02
c27ba75e9bff1ee592a7064267ad6a5a2e727373
42883683d782bc70ba2bc860108b21fc73fe7f51e9412702839fdddd59446bf6
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Thu, 15 Sep 2022 08:39:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-phone-badge-new.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-phone-badge-new.svg
IP 104.22.31.168:0
GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28679388
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc6988b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/onlinedisputeresolution.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/onlinedisputeresolution.svg
IP 104.22.31.168:0
GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7923741
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698db523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
IP 104.22.31.168:0
GET /nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00cc3ee1fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/base.css
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/base.css
IP 104.22.31.168:0
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Wed, 14 Sep 2022 16:50:19 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6475
server: cloudflare
cf-ray: 74b00cc4af91b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 104.22.31.168:0
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17166841
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb684bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6322e49b26682eec99408a0f
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00ccaec75b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP 104.22.31.168:0
GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29195577
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa34b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/askgamblers.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/askgamblers.svg
IP 104.22.31.168:0
GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8673374
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc89a9b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP 104.22.31.168:0
GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1940846
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc6987b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/ibas.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/ibas.svg
IP 104.22.31.168:0
GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698eb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/loader.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/loader.svg
IP 104.22.31.168:0
GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33440862
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc89aab523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/logo.4c52d90d.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/logo.4c52d90d.svg
IP 104.22.31.168:0
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8673375
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa47b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 104.22.31.168:0
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6273768
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf63b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gambleaware18.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gambleaware18.svg
IP 104.22.31.168:0
GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8671231
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc79a5b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96
37.157.6.241302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96
IP 37.157.6.241:0
GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=674638321804&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_9BDA3557C2724031925ECA4FC4D66D96
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sat, 15-Oct-2022 08:39:06 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/js/index.94a008e8.js
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/js/index.94a008e8.js
IP 104.22.31.168:0
GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:05 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Wed, 14 Sep 2022 14:55:10 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6195
server: cloudflare
cf-ray: 74b00cc4af98b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6322e49b26682eec99408a0f
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00ccaac37b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gamcare.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gamcare.svg
IP 104.22.31.168:0
GET /img/icons/gamcare.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc6993b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/flag-nb-no.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/flag-nb-no.svg
IP 104.22.31.168:0
GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33441969
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 104.22.31.168:0
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8510165
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccacf6ab523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/payments.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/payments.svg
IP 104.22.31.168:0
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8677531
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb989ab523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/service-worker.js
IP 104.22.31.168:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:08 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Thu, 15 Sep 2022 08:39:38 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b00cd41c2ab523-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 104.22.31.168:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17189567
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccb582bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25302 Found 0 B URL HTTP/2 open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=8f0353f950dc96d7c0382b9aaff76709; path=/; expires=Fri, 15 Sep 2023 08:39:06 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8f0353f950dc96d7c0382b9aaff76709%26device%3Ddesktop; path=/; expires=Fri, 16 Sep 2022 08:39:06 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 25c36a296bdce4c1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/palms.1f322dbc.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/palms.1f322dbc.svg
IP 104.22.31.168:0
GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:07 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6274343
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00cccfa3bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-clock-badge-new.svg
104.22.31.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-clock-badge-new.svg
IP 104.22.31.168:0
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1440906679.1663231131; _gid=GA1.2.375938882.1663231131; _gat_UA-143790984-2=1; btag=656126_9BDA3557C2724031925ECA4FC4D66D96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 08:39:06 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8666855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b00ccc698ab523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2