Report - telego.online/ph/bx/

Report Overview

Submitted URL
telego.online/ph/bx/_chest
IP
109.235.66.99
ASN
#212531 UAB Interneto vizija
Submitted
2022-08-31 21:06:44
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	1.6 kB	3.7 kB	93.184.220.29
35.227.234.222	unknown	2019-02-15T13:35:24Z	2023-02-02T17:05:04Z	395 B	204 B	35.227.234.222
encore.scdn.co	25928	2020-07-15T16:12:23Z	2023-03-06T18:56:29Z	1.5 kB	264 kB	151.101.86.248
scripts.mediamathrdrt.com	273493	2021-06-01T11:41:40Z	2023-03-06T12:36:46Z	371 B	883 B	172.67.170.210
telego.online	unknown			691 B	720 B	109.235.66.99
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	35.163.147.190
media.megarushaffiliates.com	unknown	2020-12-30T15:36:06Z	2023-03-06T14:11:45Z	463 B	1.1 kB	23.36.79.9
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.7 kB	57 kB	34.120.237.76
i.scdn.co	1162	2017-01-30T06:00:06Z	2023-03-06T17:39:44Z	401 B	131 kB	151.101.86.248
sentry.io	2743	2016-08-31T07:38:44Z	2023-03-06T05:12:38Z	556 B	404 B	35.188.42.15
secure.quantserve.com	973	2012-05-22T22:26:25Z	2023-03-06T05:14:58Z	354 B	293 B	91.228.74.200
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.49
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-06T05:59:33Z	328 B	963 B	172.64.155.188
d3mi6d1ao3fzsg.cloudfront.net	unknown	2020-12-17T19:47:52Z	2023-03-04T15:12:48Z	378 B	17 kB	54.230.245.125
megalotto-static.gigmagic.io	unknown	2020-11-23T08:59:35Z	2022-10-26T00:38:48Z	1.3 kB	2.1 MB	172.64.149.99
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-06T08:34:51Z	361 B	21 kB	142.250.74.174
graphql.datocms.com	163121	2018-06-26T15:09:32Z	2023-03-05T20:36:39Z	475 B	702 B	104.22.2.238
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	2.6 kB	7.1 kB	23.36.76.226
www.megarush.com	unknown	2020-11-23T08:59:35Z	2023-03-04T04:36:32Z	37 kB	959 kB	104.22.30.168
apresolve.spotify.com	753	2013-09-30T19:51:11Z	2023-03-06T21:04:19Z	816 B	826 B	34.98.74.57
track.adform.net	3564	2012-05-21T09:01:21Z	2023-03-06T05:28:36Z	1.2 kB	1.6 kB	37.157.2.234
rules.quantcount.com	877	2018-06-15T17:43:28Z	2023-03-06T05:15:00Z	369 B	938 B	54.230.111.33
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	1.0 kB	2.1 kB	142.250.74.3
whampamp.com	30947	2022-03-12T14:52:24Z	2023-02-26T01:59:36Z	1.4 kB	5.6 kB	139.45.197.236
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-06T06:50:28Z	370 B	51 kB	142.250.74.72
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-06T05:12:49Z	978 B	2.2 kB	23.36.76.226
s2.adform.net	4693	2013-04-18T13:49:52Z	2023-03-06T18:12:35Z	376 B	32 kB	37.157.2.249
megalotto-api.gigmagic.io	unknown	2020-09-09T20:17:35Z	2022-10-26T00:38:47Z	1.1 kB	1.0 kB	172.64.149.99
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-06T08:18:39Z	409 B	678 B	139.45.195.8
eu.can-get-so.me	unknown	2022-05-24T07:08:11Z	2023-03-05T18:12:34Z	527 B	338 B	157.90.33.74
edge.fullstory.com	2769	2019-10-31T14:31:26Z	2023-03-06T08:04:07Z	381 B	64 kB	35.201.112.186
gew4-spclient.spotify.com	unknown	2022-03-28T15:26:27Z	2023-03-06T17:39:08Z	2.0 kB	2.9 kB	35.186.224.17
pixel.quantserve.com	417	2012-05-21T21:45:06Z	2023-03-06T05:15:01Z	972 B	459 B	91.228.74.200
open.spotify.com	3062	2012-06-04T14:41:14Z	2023-03-06T23:19:46Z	491 B	827 B	35.186.224.25
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.36
open.spotifycdn.com	unknown	2022-06-13T16:04:22Z	2023-03-06T18:56:29Z	1.3 kB	189 kB	151.101.86.249
pxl.qccerttest.com	unknown	2022-07-13T16:33:38Z	2023-01-04T02:37:45Z	859 B	747 B	143.204.55.93

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-08-31	medium	whampamp.com	Sinkholed
2022-08-31	medium	whampamp.com	Sinkholed
2022-08-31	medium	whampamp.com	Sinkholed

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.megarush.com/js/index.f6004837.js	1.4 MB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/index.f6004837.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 10:41:25 Times Seen1 Hash 29656764d9215dd0ee54a687c0dde912 2d8cde6a224dfb730b38d8b078a8d7b13708d43a 27bf76826c40231bc25de2fdf625873a48ec75bd38ccd2b6bc82a80770705763 Loading...

	secure.quantserve.com/quant.js	26 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.200 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:30 Last Seen2023-03-17 09:45:18 Times Seen1 Hash 4c58c8535ef85bc23b9dbbb50d5119a4 8ab054a81906c3b088aa2a6aea7600bd215917e8 8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9 Loading...

	whampamp.com/4/5087048?var=ed2	5.4 kB	2023-03-07	2023-03-07
Pretty URL whampamp.com/4/5087048?var=ed2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:08 Last Seen2023-03-07 01:33:08 Times Seen1 Hash 5cd99c35c8f33925ab9d66035e6bedeb 7690458dff64f1d2d6d1344e48b4321919e32752 179233487e8fc5b48bbf072e0d0fefe1a41b7f9742bc4413e891258a7831f59f Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 10:41:25 Times Seen1 Hash af5b39223b096b930002364d423b193e d5d01cb6360a3e2c39600c0d12417e0493b636c5 81aadbc80d96d34445e62e6db3131b530a8d6cd9eef339e17682d99029c6cea1 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 172.67.170.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.2e7fdd93.js	735 kB	2023-03-07	2023-03-17
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.2e7fdd93.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:04 Last Seen2023-03-17 10:41:25 Times Seen1 Hash e3303c7feb517f2ca562619510ab9f22 a79248b8424fc3203474d628f4fd450c404bc0d1 72b774319d4b20030d93704655eb1c3dd38fba0e790328d41f3c6b3aac077a14 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18	385 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 37.157.2.234 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:08 Last Seen2023-03-07 01:33:08 Times Seen1 Hash e101b4aa18811596bf07e283f6744c16 bbedb5c0ec157304f3e5aa66a673c4a67e3f6a4d 1fec471220e3b55eca5d7c80c26add2872283d27b3c266050aab7bdc5ed4e93b Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 37.157.2.234 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	67 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 10:41:25 Times Seen1 Hash 537fe923f286c000e70d56a7302e79fa b74559f73a75fd34bd99d5933f8b3c6caf9903f1 66f7972cbf0b8e2a6870d4df103a28ee9592c99e04d114c62828e05f20d26bd2 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-09
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-09 01:40:26 Times Seen852 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	83 kB	2023-03-07	2024-04-11
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.2.249 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-11 07:25:49 Times Seen5 Hash 552eeb5f0620fb6f56733d625b5e719e 4b82da5898c97f3db9b9311ab0109231f90cd6d8 ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3 Loading...

	open.spotifycdn.com/cdn/js/retargeting-pixels.1fa1ceda.js	615 B	2023-03-07	2024-02-10
Pretty URL open.spotifycdn.com/cdn/js/retargeting-pixels.1fa1ceda.js IP 151.101.86.249 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-02-10 00:45:43 Times Seen1003 Hash ae8ae9488ca80a35a8293985780e9b24 bbec238f4055903612fcc38773776c91e04fc90e c038ca53e8ede27d00975dcc66bb4d0250c2ff45e999b235c147d712b9c26835 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18	729 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 37.157.2.234 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:08 Last Seen2023-03-07 01:33:08 Times Seen1 Hash f8a6086fc9d44ed92cca5d3e9196741d 1d4d4546eaf4fb7cbb56f774706ce57c2ecfefe1 f8b262459feb71f4b8d74852243eb8c574e79567cfe881c4f446946e89508c43 Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 54.230.245.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	edge.fullstory.com/s/fs.js	250 kB	2023-03-07	2023-03-17
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:19 Last Seen2023-03-17 11:28:32 Times Seen1 Hash e27552c268a5fa7e46ba9edf7da6bb02 70d9fc337816011c6f562ed6f0c05afb1b19dca8 2f787511a2287aac4f97e8dfcc046c59a072d3ac320d031c89c256f62c204095 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:08 Last Seen2023-03-07 01:33:08 Times Seen1 Hash dc22cfd99d5782aa7aac3480f163c22b dbaed619575e74a8c24dc8dba65daaa45d3d36bb 89dc54af86f5d0cb26a84e591be9658690c79d8c563f8bd9b1eec9fe22fd7e8c Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.d5d0c434.js	624 kB	2023-03-07	2023-03-07
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.d5d0c434.js IP 151.101.86.249 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:08 Last Seen2023-03-07 01:33:08 Times Seen1 Hash 656d39ed03f38ea176a2d19465e00cc2 4abde617e4318c7d405358ba8f129739e21f24d1 651741b41b1eb5fc016b0c653306b37da74e0f8d3b8091306eb64d7ff0c71c0c Loading...

	www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/js/chunk-vendors.8490e2f1.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.8490e2f1.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 10:41:25 Times Seen1 Hash 78fd491720aa5d437f703c4838762588 bb52b22be9fd0861ddabc000608de8a9fec8c3d2 9f1fcecaeb51169288186dfb49457a06f9197d731c0c9b1fdd168522d3e0bb87 Loading...

HTTP Transactions (126)

URL IP Response Size

telego.online/ph/bx/_chest

109.235.66.99

301 Moved Permanently

242 B

URL HTTP/1.1
telego.online/ph/bx/_chest
IP
109.235.66.99:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
242 B (242 bytes)
Hash
5928492eaf1813d8b809205b0978b52f
4f6c8a8072d4407b12798373f171271a0e37c2ba
765f468f6d7a938e3150d61ba212bec94b4aece3415f50497342f7322ddc9c3c

HTTP Headers

GET /ph/bx/_chest HTTP/1.1
Host: telego.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 31 Aug 2022 21:06:32 GMT
Server: Apache
Location: http://telego.online/ph/bx/_chest/
Content-Length: 242
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Thu, 01 Sep 2022 00:46:56 GMT
Date: Wed, 31 Aug 2022 21:06:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 20:22:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lIJmCDmFUcjALnmTRpPE9zahnqfSg8w1hmpOwHyxLiUEGXSml9OBDw==
Age: 2653

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZW0hn-cF4YpmmX3uoD-DkPZH7b-rFZzWvyTsIAOGXuBgrUAs5JD9WA==
age: 67168
X-Firefox-Spdy: h2

telego.online/ph/bx/_chest/

109.235.66.99

302 Found

0 B

URL HTTP/1.1
telego.online/ph/bx/_chest/
IP
109.235.66.99:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ph/bx/_chest/ HTTP/1.1
Host: telego.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 31 Aug 2022 21:06:32 GMT
Server: Apache
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 21:06:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

whampamp.com/4/5087048?var=ed2

139.45.197.236

200 OK

2.9 kB

URL HTTP/1.1
whampamp.com/4/5087048?var=ed2
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Size
2.9 kB (2936 bytes)
Hash
f1315c8803d667a43cf0426f35a1c0ea
9d3dc3dfdbd9e92b70a0a09bc417e5ace3c372ef
51a7fc1c86d3a10b5e69ba1ed2915bffbf99eb2865bd5ba61504147fb247186a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ed2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 21:06:33 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 99cd45ef8e79d2357b42593cafbe3bf1
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=c8bfac6cfc2e4524ba03e13e2c450d0d; expires=Thu, 31 Aug 2023 21:06:33 GMT; path=/
oaidts=1661979993; expires=Thu, 31 Aug 2023 21:06:33 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ed2
Cookie: OAID=c8bfac6cfc2e4524ba03e13e2c450d0d; oaidts=1661979993

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 31 Aug 2022 21:06:33 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 31 Aug 2022 20:17:12 GMT
Expires: Wed, 31 Aug 2022 20:48:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aJSQR-QLu3sRVnttiFD9oGzpOiYplJvXYYLyHHyQpPMdWzjs0zEvIA==
Age: 2961

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:33 GMT
Last-Modified: Wed, 31 Aug 2022 20:25:20 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9bff5b388e91cc067521e4269f699c96
d20d93c4ed1b30a5e65d3a37c8873836a2e5c291
3eea78d8113b58b2df1579c2b97582cfa5a3fe5617254666cf7dce18ae78ae8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 21:06:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 06:25:19 GMT
Expires: Mon, 05 Sep 2022 06:25:18 GMT
Etag: "d20d93c4ed1b30a5e65d3a37c8873836a2e5c291"
Cache-Control: max-age=378524,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7438bb0e98c20af6-OSL

my.rtmark.net/img.gif?f=merge&userId=c8bfac6cfc2e4524ba03e13e2c450d0d

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=c8bfac6cfc2e4524ba03e13e2c450d0d
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=c8bfac6cfc2e4524ba03e13e2c450d0d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c8bfac6cfc2e4524ba03e13e2c450d0d; expires=Thu, 31 Aug 2023 21:06:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.147.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.147.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rhTHNVC2VyMuB5qgZlf4tA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TB/oAGM7khcAe+20ORlBSwbmH4A=

whampamp.com/?z=5087048&syncedCookie=true&rhd=false

139.45.197.236

302 Found

0 B

URL HTTP/1.1
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=c8bfac6cfc2e4524ba03e13e2c450d0d; oaidts=1661979993
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 31 Aug 2022 21:06:34 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 9ef70ed6b382cec0856681ba36aa2a4a
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=588949383110996206&subid1=5087048&cost=0.000754&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=c8bfac6cfc2e4524ba03e13e2c450d0d; expires=Thu, 31 Aug 2023 21:06:34 GMT; path=/
oaidts=1661979993; expires=Thu, 31 Aug 2023 21:06:34 GMT; path=/
syncedCookie=true; expires=Wed, 07 Sep 2022 21:06:34 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a5390df2c1e2022b48782d55b7dcf2a
286cbc120ec14507e36ae4099066e7e7ec272446
dfcbd4f949ad8b4df190df292375504677c33827067cc3495d48d2208c9c7221

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFCBD4F949AD8B4DF190DF292375504677C33827067CC3495D48D2208C9C7221"
Last-Modified: Tue, 30 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16899
Expires: Thu, 01 Sep 2022 01:48:13 GMT
Date: Wed, 31 Aug 2022 21:06:34 GMT
Connection: keep-alive

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=588949383110996206&subid1=5087048&cost=0.000754&rdk=rk3

157.90.33.74

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=588949383110996206&subid1=5087048&cost=0.000754&rdk=rk3
IP
157.90.33.74:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=588949383110996206&subid1=5087048&cost=0.000754&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 31 Aug 2022 21:06:34 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=coWmIADRRsSfwzY3e_mwjA; expires=Thu, 31 Aug 2023 21:06:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 31 Aug 2022 21:06:34 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.9

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 31 Aug 2022 21:06:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 31 Aug 2022 21:06:34 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661979994427)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C2022831216%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%223662908%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Fri, 31-Aug-3021 21:06:34 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=46
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18

104.22.30.168

200 OK

13 kB

URL HTTP/2
www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (13194 bytes)
Hash
1e197848a2364939dce7da5a7b1cdbee
28f48476b69ad1a9a29257b2def83dacc33ecdbb
d4584c2f023d8158fbeff078acde4dff3d6f32e6ee9003f34260109f020b3e51

HTTP Headers

GET /nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: text/html
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-c6rj2; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb15897cb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

104.22.30.168

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: font/woff2
content-length: 776
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 5433
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb160a1bb4eb-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Regular.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: font/woff2
content-length: 10108
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 2958
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb160a19b4eb-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: font/woff2
content-length: 10508
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb160a18b4eb-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

50 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (24751)
Size
50 kB (50447 bytes)
Hash
d9e14e4a8c21801b9ce58b64fc7d4866
9765dba40b29460b1e33718023498f94c53be42d
62e21ef6a143d072e9e6230a9d527edd2b8df000a67b144d1ea760aaba9a71c1

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 31 Aug 2022 21:06:34 GMT
expires: Wed, 31 Aug 2022 21:06:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/favicons/favicon-194x194.png

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190137
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb186d6ab4eb-OSL
X-Firefox-Spdy: h2

www.megarush.com/base.css

104.22.30.168

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/base.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.8 kB (1794 bytes)
Hash
4c1acc9cf9b5a55e113a033df95eabee
666671fd203e2b6cfb2f7c8dbd7d7bb4481301f3
39df773bc3f8c6ebbf1880531ea707aff1966faec7d4153e4939a5a9fb79e938

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-f49"
expires: Sun, 28 Aug 2022 07:31:03 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5510
server: cloudflare
cf-ray: 7438bb160a1eb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

54.230.245.125

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Date: Tue, 30 Aug 2022 21:33:35 GMT
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
ETag: "9f2263de140cc78c0737d17051307016"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vYGjvRidQDClA2jqOxvIeBN4OJhvPkrOKyklUuh-9n42mbaoT9SsYw==
Age: 84780

www.megarush.com/chunk-vendors.76e8e4d0.css

104.22.30.168

200 OK

571 B

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1522), with no line terminators
Size
571 B (571 bytes)
Hash
131b2e5b8f84675c683411ed806dcc1f
c3b39dc4c1637502ec2487aa1a783ccf9bc9d074
f6cad9ce3fd3a1369d8af0add53d67f913817778564a1232632af6324dfca1d1

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-5f3"
expires: Thu, 25 Aug 2022 15:25:15 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5590
server: cloudflare
cf-ray: 7438bb160a20b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

104.22.30.168

200 OK

8.7 kB

URL HTTP/2
www.megarush.com/service-worker.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
8.7 kB (8684 bytes)
Hash
62dd6c80edfe7bdac55560edc9dcc6da
9f5381d3ea77f40a5dd510e68da20dc4cb29c98f
538219fa6f50d5510a93b5447e5b7b5b63cdf1089ea60cc996713a23f7460855

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
etag: W/"63078847-64d2"
expires: Wed, 31 Aug 2022 21:07:05 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb18cdd8b4eb-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 21:06:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 21:06:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 21:06:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 21:06:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8009 bytes)
Hash
6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03y3JoF38R7gjBYS3gHyOsivob68ykKlwvAIFEwiat2FjYfKWh-afA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:47:54 GMT
age: 80321
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5911 bytes)
Hash
084c7b9f1244ec72236ab517787af1e2
18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5911
x-amzn-requestid: ff3b12df-1798-40bb-bf02-ad198710da96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdcGHFGYoAMFw_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630873c0-00cd86e97d0687c702a49ecb;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:18:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bdUkkt8QyTXI_NN4R4tJ3pGrDwNpoLC_aS17xUIe7623fE5xNQucrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:59:37 GMT
age: 83218
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11115 bytes)
Hash
5f4b18b62ff275079a412349f454f66c
3638ba3ef38c4aaeb31a12bb61aaf90034915954
d825ce440863c9a53cee3a8d0f2ca2d41e2e9176ee1234d3dd0ae861f047b031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11115
x-amzn-requestid: 11b741c1-55f5-4c28-bbf9-bd828ed204b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xkns8G8cIAMFRAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b531f-1d56c9401b90dc206b010d08;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 11:35:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4CIqSMm5XXWISAncsk_wwHBlIO6Ll4BH3FT6tN7qEM1EDtFLr7_RLA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 04:01:00 GMT
age: 61535
etag: "3638ba3ef38c4aaeb31a12bb61aaf90034915954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5079 bytes)
Hash
5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:44:23 GMT
age: 84132
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7582 bytes)
Hash
db8548465788b6e73fc19c63575f7d32
0502c55da685e6a5bd3506b55cd96d639346ed82
c125a0828629e46996832fd04555f503e62c0dc0e8506f069487ba8ebb2db4a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7582
x-amzn-requestid: 65712628-13c0-42e2-a090-b21fde8bd026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg0rgE_hIAMF1ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309ce49-5feadfad6c342ae96a5a26d7;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:56:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AaCY2PsUVPfvdDwb7itAqcRV9NZPkDxFs1QEiYZ_FjTNp9sH4bn5rg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 06:11:47 GMT
age: 53688
etag: "0502c55da685e6a5bd3506b55cd96d639346ed82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6266 bytes)
Hash
9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 10:00:10 GMT
age: 39985
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/translations/no.json

172.64.149.99

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75144 bytes)
Hash
bf20063ff80611f4c90722ee80079cc7
33b4e13c5ecdd4dd17d1da7cc62d7c2c6bfdb9a6
cd6c2e943ba34649dc851021827f2950cf3b346d74ad9c87fc7d5d8e40cdd448

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: application/json; charset=utf-8
content-length: 75144
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 31 Aug 2022 11:28:51 GMT
etag: "bf20063ff80611f4c90722ee80079cc7"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb1939a5b518-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
6731353ed119ff4fee050fb1f9d37b84
5196833dcd4d24502a1e07e8cadc12823bb9853a
bcf848eed5bac77cff18d2f4433559a60d4029483de990e8cc2cff54b8bca6ba

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BCF848EED5BAC77CFF18D2F4433559A60D4029483DE990E8CC2CFF54B8BCA6BA"
Last-Modified: Wed, 31 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8283
Expires: Wed, 31 Aug 2022 23:24:38 GMT
Date: Wed, 31 Aug 2022 21:06:35 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7814480468d69914283bd76761e13d4
1be7d52d63cb70bba587172711506e4b2933deec
54cbd16dc4fc50274acebf1a8db4f9ef34cb229c6990b8fc164f215307276c01

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a86dcc8b531a60881615aace4c60a1d7
210bd1f15a4a941f2292ae76fd9ed2ade65f489a
81c40954fe6e2421414bcc11993d3d273658580bba2c24328b35433cf85c80c3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:35 GMT
Last-Modified: Wed, 31 Aug 2022 19:27:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 31 Aug 2022 20:41:12 GMT
expires: Wed, 31 Aug 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 1523
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

63 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
63 kB (62596 bytes)
Hash
5236e609e3c53efc1950e159bd75152a
ffc06f27aece0dea5a822deb1bbd5924f57ea454
92efe0c78c6fb028844d7ea839d2223d1bbf579fda99f8ba156d876c69a18a14

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsmh-I6RjXiM0v7MKqXqOAAV1gDqIBBFlN6gMGTMOvB7ZqZ84Z5YaEeguSV7sSjxgcsCTVIBjRa9LYaj9Ojkn7pKi86vJwX
x-goog-generation: 1661954446968697
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62596
content-encoding: br
x-goog-hash: crc32c=uai+sA==, md5=UjbmCePFPvwZUOFZvXUVKg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62596
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 31 Aug 2022 21:05:00 GMT
expires: Wed, 31 Aug 2022 22:05:00 GMT
cache-control: public, max-age=3600,no-transform
age: 95
last-modified: Wed, 31 Aug 2022 14:00:47 GMT
etag: "5236e609e3c53efc1950e159bd75152a"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.2.249

200 OK

31 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.2.249:0
ASN
#198622 Adform A/S

File type
data
Size
31 kB (31102 bytes)
Hash
b310485c7e9320bb07f4aa71948cfa87
a432e34e9c85dc4f4cd13af4cec41cc74cb54b8c
1c7607df8bf0f0883bd91123e4af0bd2dfc9e18ea1b62756cbe32dd3a805a53d

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx0000000000000de285712-00630fc3ca-3233e7e3-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2e1130b8c9603f88e1799eec80f53a19
6f7e449e338b2b1e06510f212c87476b21727c37
2b9eed726ea574d7d559716745cfc736d8b2f41946d17ccab5ad60ff28a089fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:35 GMT
Last-Modified: Wed, 31 Aug 2022 20:23:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2e1130b8c9603f88e1799eec80f53a19
6f7e449e338b2b1e06510f212c87476b21727c37
2b9eed726ea574d7d559716745cfc736d8b2f41946d17ccab5ad60ff28a089fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:35 GMT
Last-Modified: Wed, 31 Aug 2022 20:23:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

www.megarush.com/img/icons/visa--white.svg

104.22.30.168

200 OK

1.2 kB

URL HTTP/2
www.megarush.com/img/icons/visa--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1162 bytes)
Hash
927d5bd91014a3251349b397fa925cdd
87c462256b683176c45b5a904bbccb2cd1aa4aa2
20de473b1ebc481fa1ffc47b95b52b0d0b16418ca3b99a216057fcaf91f09246

HTTP Headers

GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bc8b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/search.svg

104.22.30.168

200 OK

2.1 kB

URL HTTP/2
www.megarush.com/img/icons/search.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.1 kB (2101 bytes)
Hash
9a166862e18c1a0dbf16c73fc546b913
56ad699fa03049ed19eaa455068d33361a1e834a
61a40e87f6a911877cbda2f20aa318c234a923f888439ee470f2deca81d2618e

HTTP Headers

GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc6b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

104.22.30.168

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
64 kB (64427 bytes)
Hash
81dbf7c20a1e0e6b86d7cc9bd4503978
a1c6e0658e0c570ec0fdb6a62c829ae3cb648672
7f101e81a4c44d89cbaaac953a0e3c7659fa8b8d5537f4772b227e1374e58318

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7415704
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9beeb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mastercard--white.svg

104.22.30.168

200 OK

5.2 kB

URL HTTP/2
www.megarush.com/img/icons/mastercard--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.2 kB (5216 bytes)
Hash
9dbac8bfd6273affb724a5833b482d57
9dc03730effcb49cf04a322c6d686a31841235fb
214b762416db2da88d06945e49d0fbc14f58406a4c8765000b12829d39a58832

HTTP Headers

GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bcbb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/jeton--white.svg

104.22.30.168

200 OK

4.9 kB

URL HTTP/2
www.megarush.com/img/icons/jeton--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.9 kB (4892 bytes)
Hash
1d643a1b2a802aadc9dab0173d8101a2
5531f0e49ee82cce096dc8b0c1c89bff5bbca137
7cb29877d36cde5a917aadb6b3e04e497e9b07e911e850f3ce41114c95a40049

HTTP Headers

GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7426380
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bd5b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/flag-nb-no.svg

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/img/icons/flag-nb-no.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
10 kB (10235 bytes)
Hash
7bd500da92b4771cc627e37f39d29d9a
769596f2a07f616831a68b912187734cc3b1e4df
6ac479033f2c83a023ce63cd22c31eec6596936725ef527a767c6b96343ddced

HTTP Headers

GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9befb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-checked-badge-new.svg

104.22.30.168

200 OK

5.1 kB

URL HTTP/2
www.megarush.com/img/icons/mega-checked-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.1 kB (5103 bytes)
Hash
8d52c2152fd71f3b7eb829fb008c4faf
2394bda01b1c9bbfe19216387c711f46e50aa7a6
f6451494392c3599400ef07f417b695039cd7fb0cff2a958e36b594da586c99e

HTTP Headers

GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 27428237
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9beab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/astropaycard--white.svg

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/icons/astropaycard--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
12 kB (12277 bytes)
Hash
f2422f785cb8ff646bd290d059a95cbd
1b53df293b12992ff0db4f9e1baac9cbe99ecfe5
7b58c1274f09472c1ad3fdd936e685e1e8803c9bfdd056f4cd7c5fc46db3002b

HTTP Headers

GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5023192
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bccb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-phone-badge-new.svg

104.22.30.168

200 OK

22 kB

URL HTTP/2
www.megarush.com/img/icons/mega-phone-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
22 kB (21715 bytes)
Hash
335bf88bb5eac154c61297d931ca180a
f1f978c64114525983d47561db329ad45074a4c5
d9f5339dc9f543555c89be291d0c91cf8f000a00a2d1f32cd407dfbd52ad3cbf

HTTP Headers

GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 27428237
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8be0b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/onlinedisputeresolution.svg

104.22.30.168

200 OK

5.2 kB

URL HTTP/2
www.megarush.com/img/icons/onlinedisputeresolution.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.2 kB (5242 bytes)
Hash
c84b0c972baae2022df49d7ade53b804
967b6c605795f63f454dee6d90ebcb63704ed244
ed273ad928c6e5c13372ffc6dab275ffa0b8cdffb7a3a4bf2bf56b0511f2793e

HTTP Headers

GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6672590
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9bf8b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

104.22.30.168

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
49 kB (49435 bytes)
Hash
af0408f08dabe2a50dce5512609ed0dc
00ce043cd0aa3be64fc29291bc2f6cfdcf2f0607
2848a7b59269460a9f05907b9a86fd785ef7a9661e62304af4e7a983e9da40f6

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15938416
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d6b8fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

104.22.30.168

200 OK

15 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
15 kB (15188 bytes)
Hash
9879488c76997eae0d2317d7465b52b6
9027044af26917bdaf42511840bd4f59baf8cee9
3b19eba5c61555e8b4b64afb43a779dd2f831b4a8b55420f39a62ef5ad906c02

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15915690
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d6b96b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-bolt-badge-new.svg

104.22.30.168

200 OK

4.2 kB

URL HTTP/2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.2 kB (4158 bytes)
Hash
d7873f8858f92fa4f180d653f9194174
1fdf00472c4ae8990fa01f27798396387bfee6f2
94bf2aad48f35b73e6533c1bd7689e6701665d7bec9342d5dccfa37507ec48d8

HTTP Headers

GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 689695
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bd6b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

104.22.30.168

200 OK

17 kB

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
17 kB (16876 bytes)
Hash
45383c8be58439f9b9385b90217b854a
58e3f34f13d9fb12f65a385ca1d3f9eddb1800ed
b48e2f6300d070256b8fbee88af873db5d8dfe13dc19bb3322a20b652b622d39

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5022617
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d4b6db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

104.22.30.168

200 OK

5.0 kB

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.0 kB (5023 bytes)
Hash
c0274da7c2edaa8f05896f85a4ac7c79
73310e2d0160ac29bf5c1460aa7105b9d6f24014
95c97b983dd4b11505a6899f99432fe73846069a23ebdd7c25a56b1d926c7c78

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7427661
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d8bcfb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--updated.svg

104.22.30.168

200 OK

36 kB

URL HTTP/2
www.megarush.com/img/icons/promotions--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35786 bytes)
Hash
2ecb1e146c5cb69215b3f370d489acd2
d27ccd0453a6757b3607b9d1e240e82d93d9c497
84a87eb69a9a48fa0fffe44dee111b30abb6b58ae1fd48bfc4d7f9427f58b9e7

HTTP Headers

GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7422223
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d6ba3b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2.png

104.22.30.168

200 OK

75 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74825 bytes)
Hash
b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade

HTTP Headers

GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7426380
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1edd92b4eb-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/question-mark-1.d872b1da.png

104.22.30.168

200 OK

54 kB

URL HTTP/2
www.megarush.com/img/question-mark-1.d872b1da.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Size
54 kB (53566 bytes)
Hash
d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96

HTTP Headers

GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/png
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6558332
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1edd9eb4eb-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:36 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=37cd76cd7b4434682f3f2d1b20ad6cb2; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb1ee933b518-OSL
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:36 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=cc622b2e104c3051230149c595c2e3ea; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb1ee938b518-OSL
X-Firefox-Spdy: h2

www.megarush.com/video/arcade-game.webm

104.22.30.168

206 Partial Content

61 kB

URL HTTP/2
www.megarush.com/video/arcade-game.webm
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
61 kB (61172 bytes)
Hash
9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a

HTTP Headers

GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 31 Aug 2022 21:06:36 GMT
content-type: video/webm
content-length: 61172
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-c6rj2; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoAHgWMPzVwWSAAsBAwoAg==; expires=Fri, 30-Sep-22 21:06:36 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1efdccb4eb-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

104.22.30.168

200 OK

84 kB

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
84 kB (84468 bytes)
Hash
1d8cbdebfc3659ba7e6ef7a535b8cb2a
fc9d697bd2ec1a1434b9467981ae11994b3f1c62
95e6eb9f24cb4425d99854dcaa14372e3584a9b11e8fefbcb9232b6cdff3e093

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc1b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

104.22.30.168

200 OK

36 kB

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35653 bytes)
Hash
8a21c18510baade3091b9a67874778ac
85880ef8bb2168b2282c595b342df13c384c57fd
e8fd472a825146deec30412af41eee7f962e465afa61b3c3a4e3bbd8992f4cca

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7259014
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d5b75b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/games/no_NO.json

172.64.149.99

200 OK

713 kB

URL HTTP/2
megalotto-static.gigmagic.io/games/no_NO.json
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
713 kB (713442 bytes)
Hash
a0b00db38fe6cec9071251cd729d7ab9
231d882f806fce7654c5a0e261d17ee047091a3a
bda273d421c0442a5cb6f57efbc6bd8cc993e47333057777fd79ec4dc6dcb43f

HTTP Headers

GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:36 GMT
content-type: application/json; charset=utf-8
content-length: 713442
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Mon, 29 Aug 2022 13:00:08 GMT
etag: "a0b00db38fe6cec9071251cd729d7ab9"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7438bb1e98d2b518-OSL
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/js/retargeting-pixels.1fa1ceda.js

151.101.86.249

200 OK

341 B

URL HTTP/1.1
open.spotifycdn.com/cdn/js/retargeting-pixels.1fa1ceda.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text
Size
341 B (341 bytes)
Hash
b1e05d596f20403deddf27dd10571f9f
8e3b2fc8d58812be2767f96be1049ccad184f7d3
61c93415dd40644e430f5b4de605db6351d75a0bccce32289ebc02774f2f3175

HTTP Headers

GET /cdn/js/retargeting-pixels.1fa1ceda.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 341
Last-Modified: Mon, 01 Aug 2022 09:59:03 GMT
ETag: "b1e05d596f20403deddf27dd10571f9f"
x-goog-generation: 1659347943292449
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 341
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 2574202
X-Served-By: cache-chi-klot8100099-CHI, cache-bma1636-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3066, 8611
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/img/iso.fc5b238b.svg

104.22.30.168

200 OK

4.0 kB

URL HTTP/2
www.megarush.com/img/iso.fc5b238b.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Size
4.0 kB (4041 bytes)
Hash
6f9b94fa0bf67e39c761d527a0c16e89
df04521fdc4a8884a502eff510f17ab69efa6d15
9656361d6d5a23a912a5a718b29927e6b94ec4ff04f807a41e47ccd58430abc3

HTTP Headers

GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1eedb6b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2

151.101.86.249

200 OK

57 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 56996, version 1.0\012- data
Size
57 kB (56996 bytes)
Hash
3b7bbfac9ed3e75d426728e900579aa9
baff27e32807b7c8c558e2102aa2e034a47c1561
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

HTTP Headers

GET /cdn/fonts/spoticon_regular_2.d319d911.woff2 HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 56996
Last-Modified: Mon, 13 Jun 2022 14:00:42 GMT
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 6850978
X-Served-By: cache-ord1736-ORD, cache-chi-kigq8000054-CHI, cache-bma1679-BMA
X-Cache: MISS, HIT, HIT
X-Cache-Hits: 0, 1, 47674
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.d5d0c434.js

151.101.86.249

200 OK

130 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.d5d0c434.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
130 kB (129826 bytes)
Hash
54c8b4cc7161fe34e93d55fabb6c7cd2
1f81735e39a5f44d74029c1017ecfdd0e28c170b
0b0ea4e696c8a04098fce51212aa3df205fbaf67119cd9a416a2f5da49962532

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.d5d0c434.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 129826
Last-Modified: Wed, 31 Aug 2022 20:39:55 GMT
ETag: "54c8b4cc7161fe34e93d55fabb6c7cd2"
x-goog-generation: 1661978395657972
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 129826
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 1383
X-Served-By: cache-chi-klot8100111-CHI, cache-bma1641-BMA
X-Cache: MISS, HIT
X-Cache-Hits: 0, 43
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/img/home-page/glows/blue-jackpot.svg

104.22.30.168

200 OK

84 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- data
Size
84 kB (84408 bytes)
Hash
1328259c0c8b1dd89bf66d84ca00efe1
eaff91df5e1743e033934ea9d394b6712ea3776e
acb6344b32bcd92e1f182276da33dbd4867c1ed3519cbc7aaa5182c40594a7ca

HTTP Headers

GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 27944425
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1edd9cb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-2.svg

104.22.30.168

200 OK

221 kB

URL HTTP/2
www.megarush.com/img/home-page/grid-new-2.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (52844)
Size
221 kB (221240 bytes)
Hash
540262fda4df07e2bacf61d5e327fcd7
4220b0ab47b77c8127ec9b44976bcad1bf05e5f5
75e67729f1889d18a14f4c689c6c3d4172f8bcccf9504bbb721bef3aabfd127b

HTTP Headers

GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 27427327
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1eedb3b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2

151.101.86.248

200 OK

87 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 87350, version 1.66\012- data
Size
87 kB (87344 bytes)
Hash
db1a27b35e26398fef4be920ea96078d
436a76d889fe34eaf1c213447d3d94a5dc3adedd
847a8377ef2e424408f08c04f34697edd3ceca9f8a6455678493dd69e5d0bd47

HTTP Headers

GET /fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 87344
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 87344
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 4878484
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100076-CHI, cache-bma1637-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 93730
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2

151.101.86.248

200 OK

86 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 85622, version 1.66\012- data
Size
86 kB (85585 bytes)
Hash
0e196bce574e01f42fc686e3e6dc4f76
330b633667a9533638955e725e53a760904170eb
94591008ecb9d40b575e52b72bd30dc31bab0b064ba132766fb80f95f85d27aa

HTTP Headers

GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 4878485
X-Served-By: cache-ord1740-ORD, cache-chi-kigq8000179-CHI, cache-bma1678-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 10550
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 89536, version 1.66\012- data
Size
90 kB (89529 bytes)
Hash
216b12b5a9657850b1b324e158454f8e
b02b14e1ed70d323167efa295ceb8ba156a37fab
81c0ae5eb7c7ea1bca274d51be67818e3f2577e63c9f2ee766b20e8964335db9

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89529
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: "216b12b5a9657850b1b324e158454f8e"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 4433381
X-Served-By: cache-ord1735-ORD, cache-chi-klot8100109-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 90280
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

109 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
b9cfac45737830dcf831de519781ff58
3d98efacfa8b1e0f86b8942e9fe89d4f8362cea0
2a89285f8fe89c4ac9312f49c9853d541070a85d60b2f26a5f3c840402f3ed71

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Wed, 31 Aug 2022 21:06:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple-jackpot.svg

104.22.30.168

200 OK

1.5 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/purple-jackpot.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5195), with CRLF, LF line terminators
Size
1.5 kB (1522 bytes)
Hash
690304aa596ab15132e176be29f22620
608d6690af146a86ef250135fa5286d4e903c453
f874f26699434ddec5b2f7ac6833314e3467d22da77713e0c4a6740f11a65513

HTTP Headers

GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7399518
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1edd97b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8

151.101.86.248

200 OK

131 kB

URL HTTP/1.1
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size
131 kB (130780 bytes)
Hash
ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111

HTTP Headers

GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 21:06:36 GMT
Age: 739522
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000120-CHI, cache-bma1650-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2749466b2ba37815fcf143defcec2b9
4a7918ce58d38335cf0c7a4bbbc34c300acd2057
e3114f30b528554680e36167059de3ee8d987e6bbba429026bc86d8433c41d6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3114F30B528554680E36167059DE3EE8D987E6BBBA429026BC86D8433C41D6C"
Last-Modified: Tue, 30 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8757
Expires: Wed, 31 Aug 2022 23:32:33 GMT
Date: Wed, 31 Aug 2022 21:06:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
525f9e8c9dc4bd32dd69c7720b3ad4ad
ba2fae455ce49a7f8b05175a1fa4e3e392d4a191
098192a37b97b8211f17347193607c89628393c31fd30a65f98e9ed4364b7725

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "098192A37B97B8211F17347193607C89628393C31FD30A65F98E9ED4364B7725"
Last-Modified: Tue, 30 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8647
Expires: Wed, 31 Aug 2022 23:30:43 GMT
Date: Wed, 31 Aug 2022 21:06:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
525f9e8c9dc4bd32dd69c7720b3ad4ad
ba2fae455ce49a7f8b05175a1fa4e3e392d4a191
098192a37b97b8211f17347193607c89628393c31fd30a65f98e9ed4364b7725

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "098192A37B97B8211F17347193607C89628393C31FD30A65F98E9ED4364B7725"
Last-Modified: Tue, 30 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8647
Expires: Wed, 31 Aug 2022 23:30:43 GMT
Date: Wed, 31 Aug 2022 21:06:36 GMT
Connection: keep-alive

graphql.datocms.com/

104.22.2.238

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.2.238:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:36 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7438bb24de2a1c16-OSL
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18

37.157.2.234

302 Found

422 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18
IP
37.157.2.234:0
ASN
#198622 Adform A/S

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (301), with CRLF, LF line terminators
Size
422 B (422 bytes)
Hash
b0d703c216d587b0c02f7fcfe76e0a2d
fa1b18ba57416723b015087466c90928ebfaa444
741f7feaff4b0d6e7ad0383a0f2340b0f766b86163df1fa1d7cc4de9540df008

HTTP Headers

GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

HTTP/2 302 Found
server: nginx
date: Wed, 31 Aug 2022 21:06:36 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=631181932419&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D67D753D7FB6449A8AD23CEDD5E9BC18
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Fri, 30-Sep-2022 21:06:36 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0ef2bcb6aacce5842a4458299b4f6190
aa745bc220e21e280693204c62c1082a3c033097
ed79282a82a8ba2dd414d6f9424ed66946edf54a5748f35e9ad2afdbb2a01602

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3014
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:06:37 GMT
Last-Modified: Wed, 31 Aug 2022 20:16:23 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Wed, 31 Aug 2022 21:06:36 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Wed, 31 Aug 2022 21:06:36 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2749466b2ba37815fcf143defcec2b9
4a7918ce58d38335cf0c7a4bbbc34c300acd2057
e3114f30b528554680e36167059de3ee8d987e6bbba429026bc86d8433c41d6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3114F30B528554680E36167059DE3EE8D987E6BBBA429026BC86D8433C41D6C"
Last-Modified: Tue, 30 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8756
Expires: Wed, 31 Aug 2022 23:32:33 GMT
Date: Wed, 31 Aug 2022 21:06:37 GMT
Connection: keep-alive

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

54.230.111.33

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Wed, 31 Aug 2022 20:36:40 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m0drZ5GWEzeavtsReG1yTWMnMgMz0ugtyj5s-QcNGV51LGen2C5VOQ==
age: 1798
X-Firefox-Spdy: h2

pxl.qccerttest.com/pixel?r=953782039;fpan=1;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996796;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ogl=

143.204.55.93

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=953782039;fpan=1;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996796;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ogl=
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=953782039;fpan=1;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996796;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 05:55:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NFhYL91bl5-X9Wk-TxBWhAxP8u0O9yAxZnIlV3XN3QqQ3drYPbP00A==
age: 54665
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1607361005;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996798;tzo=0;ogl=;ses=abd5abad-5469-4def-893b-25bd07d3b9ff

91.228.74.200

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1607361005;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996798;tzo=0;ogl=;ses=abd5abad-5469-4def-893b-25bd07d3b9ff
IP
91.228.74.200:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1607361005;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1109823852%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D67D753D7FB6449A8AD23CEDD5E9BC18;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-479945806-1661979996796;pbc=;ns=1;ce=0;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;d=track.adform.net;dst=0;et=1661979996798;tzo=0;ogl=;ses=abd5abad-5469-4def-893b-25bd07d3b9ff HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:37 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=630fcd5d-1da34-1d96e-5667a; expires=Sun, 01-Oct-2023 21:06:37 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 31 Aug 2022 21:06:36 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 31 Aug 2022 21:06:36 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/video/header-video-720p.webm

172.64.149.99

206 Partial Content

1.3 MB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.3 MB (1336865 bytes)
Hash
63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 31 Aug 2022 21:06:37 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Thu, 01 Sep 2022 01:06:37 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 7438bb24d838b518-OSL
X-Firefox-Spdy: h2

sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

35.188.42.15

200 OK

2 B

URL HTTP/1.1
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 21:06:37 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5910 bytes)
Hash
7dcb5acc5186b678254184c5dac12079
d7c84b42a0dd5b86a0668127698fd5f25b647fcb
8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0RN7uc1rCMPWabmuO7QRLxIQ2mv0PFqTfL-dF7a6a3i1gFn0TtF8Nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:19 GMT
age: 84082
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

107 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
107 B (107 bytes)
Hash
f55ebaf8fa173f10d3392c1156149fbe
904dedcf2b6e63966d4be78a398475ba30312cb9
a1dae9a9f247d07f8e50162bebbb3c4860033126f410669276bf7585ab3ad957

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 107
date: Wed, 31 Aug 2022 21:06:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7427661
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d5b72b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/askgamblers.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/askgamblers.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7422223
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1dac13b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/loader.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/loader.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32189711
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1dac16b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/scripts/b_megarush.js

172.67.170.210

200 OK

0 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
172.67.170.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 1bd88b13-f4bb-4785-a38c-bd7769948408
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004030
expires: 2022-08-01 21:06:35 UTC
x-powered-by: Phusion Passenger(R) 6.0.10
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFJPU7SK%2BJyxlFgp4U1i1%2BrVyoykC0MrekCggBrsGOg7EbWeUwa56pVL673TkK7tdzdEBmpkF5d17%2Fi3G6TAwG0MfpdcP0MCqUEq7JXVx3ueQ5H1XnZc2EdRfodjjctLr5q74ss%2BPqE7GNN8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7438bb191962b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/js/index.f6004837.js

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/js/index.f6004837.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/index.f6004837.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-160eb4"
expires: Thu, 25 Aug 2022 14:39:00 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1248
server: cloudflare
cf-ray: 7438bb161a32b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/help-round.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/help-round.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc0b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/logo.4c52d90d.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/logo.4c52d90d.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7422223
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1eedbeb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mga.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mga.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7426379
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9bf2b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/playAndGo.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28965222
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d4b6ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7427969
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d6b9fb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18

37.157.2.234

200 OK

0 B

URL HTTP/2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18
IP
37.157.2.234:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1109823852&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D67D753D7FB6449A8AD23CEDD5E9BC18 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 21:06:36 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/index.30053c2cd5717880348c.css

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/index.30053c2cd5717880348c.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.30053c2cd5717880348c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228336
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-37bf0"
expires: Thu, 25 Aug 2022 14:39:00 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1237
server: cloudflare
cf-ray: 7438bb160a21b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/js/chunk-vendors.8490e2f1.js

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/js/chunk-vendors.8490e2f1.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/chunk-vendors.8490e2f1.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-4f9e5"
expires: Thu, 25 Aug 2022 14:39:00 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1248
server: cloudflare
cf-ray: 7438bb161a29b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15915690
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc5b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gambleaware18.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gambleaware18.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7420080
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1dac0ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.200

200 OK

0 B

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.200:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:37 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "TFjIU174W8I7nbu1DVEZpA=="
expires: Wed, 07 Sep 2022 21:06:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamblersanonymous.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gamblersanonymous.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5023192
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9c07b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamcare.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gamcare.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gamcare.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d9c02b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/palms.1f322dbc.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/palms.1f322dbc.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5023191
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1edda3b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--flat.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/live-casino--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32190818
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc3b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/payments.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/payments.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7426380
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bbeb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/menu.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/menu.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-c6rj2; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=ce9b33b85ec97421fa7db232ed6ef05c; btag=656126_D67D753D7FB6449A8AD23CEDD5E9BC18; _ga=GA1.2.1330230964.1661979995; _gid=GA1.2.1754870928.1661979995; _gat_UA-143790984-2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 14197577
vary: Accept-Encoding
server: cloudflare
cf-ray: 7438bb1d7bc7b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

0 B

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 31 Aug 2022 21:06:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=3663db73a8f64c18ad9bffb8778d911e; path=/; expires=Thu, 31 Aug 2023 21:06:35 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D3663db73a8f64c18ad9bffb8778d911e%26device%3Ddesktop; path=/; expires=Thu, 01 Sep 2022 21:06:35 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: c700cee768245acf
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations