Report - safe-guard.site/id/env/tokopedia

Report Overview

Submitted URL
safe-guard.site/id/env/tokopedia
IP
212.237.233.86
ASN
#212531 UAB Interneto vizija
Submitted
2022-09-19 04:57:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
i.scdn.co	1162	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	131 kB	151.101.86.248
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	459 B	91.228.74.166
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.6 kB	35.186.224.17
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	338 B	157.90.33.71
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	54.230.245.125
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	971 B	2.9 kB	172.67.11.48
open.spotify.com	3062	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	35.186.224.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
megalotto-img.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	881 B	116 kB	172.64.149.99
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	826 B	34.98.74.57
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	40 kB	34.120.237.76
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	41 kB	37.157.2.249
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	54 kB	2.8 MB	104.22.30.168
megalotto-api.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.1 kB	172.64.149.99
sentry.io	2743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	404 B	35.188.42.15
secure.quantserve.com	973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	293 B	91.228.74.166
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.208.31.97
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	543 B	715 kB	37.157.6.245
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	937 B	54.230.111.47
safe-guard.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	703 B	732 B	212.237.233.86
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.4 kB	93.184.220.29
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	4.1 kB	172.67.170.210
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	76 kB	172.64.149.99
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.18
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	417 B	35.186.194.58
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	746 B	143.204.55.93
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	90 kB	151.101.86.248
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
whampamp.com	30947	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	5.5 kB	139.45.197.236
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	678 B	139.45.195.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	safe-guard.site/id/env/tokopedia	Phishing
2022-09-19	medium	safe-guard.site/id/env/tokopedia/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	whampamp.com	Sinkholed
2022-09-19	medium	whampamp.com	Sinkholed
2022-09-19	medium	whampamp.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	whampamp.com/4/5087048?var=ag2	5.4 kB	2023-03-07	2023-03-07
Pretty URL whampamp.com/4/5087048?var=ag2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:28:52 Last Seen2023-03-07 18:28:52 Times Seen1 Hash b47d169feeeaa4cf74a145b3c35d0a51 65d6a1d2dd79e63175ce93e737823567c0c7b3f7 38baf00ef4de0e087aa69e4f7d10c59c84b98e254d5d49ae196e51a2340d2571 Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151	385 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151 IP 37.157.6.245 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:28:52 Last Seen2023-03-07 18:28:52 Times Seen1 Hash dafb8f8e0dbe2e058030efa21f769288 64bc19c8022cf0da4a31076b89b73c3c1f418c24 42e4f83680f0524c795018da0b7a46d2dac4fee05982c73124d660c134af5223 Loading...

	secure.quantserve.com/quant.js	27 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49:11 Last Seen2023-03-17 12:55:49 Times Seen1 Hash 78ddecc5281a6afd31e701cbc4607581 91f15c2f3080ddccb4aaddcbaceeb6cfc462771b 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745 Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 54.230.111.47 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1685911480&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_1128B47F00DE4FC29041558C24ADB151	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1685911480&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_1128B47F00DE4FC29041558C24ADB151 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

	www.megarush.com/js/index.94a008e8.js	1.4 MB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/index.94a008e8.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:42 Times Seen1 Hash f00870c1f312d6ce57cd7201de92a418 c33eb3a71a78416d53cd8ba09b505e181aacf22a 7a5cb32a27e1b23ef27215c5960ea8364d85fea97b2d5b6dc96d98d7e947040f Loading...

	edge.fullstory.com/s/fs.js	251 kB	2023-03-07	2023-03-17
Pretty URL edge.fullstory.com/s/fs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:50:46 Times Seen1 Hash f3e4c056a560d0a69450b1bcf8e21b7b 69e4e577d43b77da007f0bb0ca11d305ec907bc6 647c61b085ea098e8b5d6c0498c18e97bd9cc858ec3e6763cd16cb64d61c47f8 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	83 kB	2023-03-07	2024-04-11
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.2.249 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-11 07:25:49 Times Seen5 Hash 552eeb5f0620fb6f56733d625b5e719e 4b82da5898c97f3db9b9311ab0109231f90cd6d8 ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 172.67.170.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js	742 kB	2023-03-07	2023-03-17
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:00 Times Seen1 Hash e2c1f7007e3e0736755c5d6a759b2169 276a669ea417934419a460db6babd4efc57ec3c1 adb439745c010da06612603d814f28d530f1563feafeb7900900b7a6341dedeb Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 172.67.170.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1685911480&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_1128B47F00DE4FC29041558C24ADB151	729 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1685911480&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_1128B47F00DE4FC29041558C24ADB151 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:28:52 Last Seen2023-03-07 18:28:52 Times Seen1 Hash 94cdc8b21aec7b8bc9f91c3d77a83bc7 ca09be42a1e7232411a1775b19fc8e783772fab1 d2308b20658edc267f716d5b8c31c8c82228df2bc0a35c7d009849e8a6d9b368 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 172.67.170.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:28:52 Last Seen2023-03-07 18:28:52 Times Seen1 Hash f6eed1a4c84226e4462560014759e83c 30966cd7d7a78afd15c602f017a6a918a96e9b0f 4bbb0e528facc113b08d9006018c327ebc1d6d79e47a78a8e43c288266ffb1e2 Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 54.230.245.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-13
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-13 18:55:10 Times Seen838 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.a00b968f.js	620 kB	2023-03-07	2023-03-07
Pretty URL open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.a00b968f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:57:10 Last Seen2023-03-07 18:28:52 Times Seen1 Hash d117247f05c47ea6b37196e726b21355 445833d2e188dd2a824bcf8418c8717fbe2052d8 5c5462a9674e1bdffecd695ed3c086c5f7bfb79d195de5ac9e31b121b264ced6 Loading...

HTTP Transactions (140)

URL IP Response Size

safe-guard.site/id/env/tokopedia

212.237.233.86

301 Moved Permanently

248 B

URL HTTP/1.1
safe-guard.site/id/env/tokopedia
IP
212.237.233.86:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
71735a58f5855cc13f2466b3762e6f4e
bfcd62119e0672699bcf64a2e89e0a5040e1b8e7
c4f731cb06995147dd3342fb219aa1896f530adc179f4b77f5b57174b7427656

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /id/env/tokopedia HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 04:57:27 GMT
Server: Apache
Location: http://safe-guard.site/id/env/tokopedia/
Content-Length: 248
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 04:12:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gW4z8yo9cCRaXinn-kKzCqXTCsTB3_q7UbaEr-rpP6l72jxQG9JLlA==
Age: 2689

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2874
Expires: Mon, 19 Sep 2022 05:45:21 GMT
Date: Mon, 19 Sep 2022 04:57:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X5woU7FYJNXTRcr2FxLdJWQb6_fQJ5cwn1cQjlT_3bevxksrOvg01A==
age: 1334
X-Firefox-Spdy: h2

safe-guard.site/id/env/tokopedia/

212.237.233.86

302 Found

0 B

URL HTTP/1.1
safe-guard.site/id/env/tokopedia/
IP
212.237.233.86:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /id/env/tokopedia/ HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 04:57:27 GMT
Server: Apache
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

whampamp.com/4/5087048?var=ag2

139.45.197.236

200 OK

2.9 kB

URL HTTP/1.1
whampamp.com/4/5087048?var=ag2
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Size
2.9 kB (2923 bytes)
Hash
531d9fb12c8dcc759f0484fe8f403d23
580bd3eb8d6b8b9b8e1a5f6f74d3dd08b9fb8dc0
333e6cfe871a6154a78c4ebb52bc5810feb5a5a4c945774da6e1d47e6f794566

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ag2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 04:57:27 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: a745271ee32bced36834f9bc61175510
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:27 GMT; path=/
oaidts=1663563447; expires=Tue, 19 Sep 2023 04:57:27 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; oaidts=1663563447

HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 19 Sep 2022 04:57:27 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 04:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 04:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UjY9Lf4I980DFNW-3Gh9O364x4kPfLKHPGiEqChKut78aPWx8nJLCQ==
Age: 3245

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 04:57:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=307071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfbd9c7cde9927-ARN

my.rtmark.net/img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:27 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

whampamp.com/?z=5087048&syncedCookie=true&rhd=false

139.45.197.236

302 Found

0 B

URL HTTP/1.1
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; oaidts=1663563447
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 19 Sep 2022 04:57:28 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 889d2f38d384aef187dded1287c6c376
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:28 GMT; path=/
oaidts=1663563447; expires=Tue, 19 Sep 2023 04:57:28 GMT; path=/
syncedCookie=true; expires=Mon, 26 Sep 2022 04:57:28 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5892
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Last-Modified: Mon, 19 Sep 2022 03:19:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e4af8f904bd872ebfcf16bd59c85c11
e78ad51acb90d2ed0c6e05f926722f2b8e8c6426
7c0df159e6a36a1b297cbc46dc0fcc37a7dacad17f923ff4d7be1582d707576b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C0DF159E6A36A1B297CBC46DC0FCC37A7DACAD17F923FF4D7BE1582D707576B"
Last-Modified: Fri, 16 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17449
Expires: Mon, 19 Sep 2022 09:48:17 GMT
Date: Mon, 19 Sep 2022 04:57:28 GMT
Connection: keep-alive

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3

157.90.33.71

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3
IP
157.90.33.71:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 04:57:28 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=w5JxTPznSeG71w2WtE0S7Q; expires=Tue, 19 Sep 2023 04:57:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 19 Sep 2022 04:57:28 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H/6QLMgip2pB1QAw+V1TTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fQJhB4wzlGbwUxDkYB7Q+ytE/4M=

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.18

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 19 Sep 2022 04:57:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Sep 2022 04:57:28 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663563448437)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C2022919457%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224754634%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Wed, 19-Sep-3021 04:57:28 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=36
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a7fa280164f7b3c1d57e372556a8bd86
9cda2758eb1bc8657ac63d9fe7336c72637aad7f
570486fd34d10de57391e5ca0710cd6ef9985eb7d9067af4fc9bb2f3e6dffaa0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Server: ECS (amb/6B89)
Content-Length: 279

www.megarush.com/fonts/Inter-ExtraBold.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4238
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2edaa9921-ARN
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4238
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2fdb29921-ARN
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

104.22.30.168

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4007
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2fdb69921-ARN
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151

104.22.30.168

200 OK

13 kB

URL HTTP/2
www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (12844 bytes)
Hash
d2ea0e4bd413463649106a6fecd63fcd
06969a5d94ac7094e0c61738e603f04fc1df9ddf
dddbf86b211156fb431b612fb82813bd0b578fc59c4d76209a9091d0b1bb5cb2

HTTP Headers

GET /nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda20cce9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/base.css

104.22.30.168

200 OK

52 kB

URL HTTP/2
www.megarush.com/base.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
52 kB (52153 bytes)
Hash
b124791dadaf5fae1e47778152ab4168
4ed6df0ea166842d2227b1f35dfe5120830c4a2c
b03e24a137bcbb0ce437133da12b7d4630a76b3518102659a12a9f3bfb3fb214

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Wed, 14 Sep 2022 16:42:54 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4644
server: cloudflare
cf-ray: 74cfbda2fdb79921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

54.230.245.125

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 20:01:01 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0pSCzcac753v-VL2PYgza_p3oO2_CV9sfqtYRR_T4TJmkZTF43Is8g==
Age: 32189

www.megarush.com/favicons/favicon-194x194.png

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: image/png
content-length: 11668
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 940047
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda5a8539921-ARN
X-Firefox-Spdy: h2

www.megarush.com/favicons/favicon-16x16.png

104.22.30.168

200 OK

437 B

URL HTTP/2
www.megarush.com/favicons/favicon-16x16.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
437 B (437 bytes)
Hash
914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: image/png
content-length: 437
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2270131
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda5a8589921-ARN
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

104.22.30.168

200 OK

304 kB

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
304 kB (303681 bytes)
Hash
da5a6b42b917ba5472b9bc3e604f2fc8
ca9b26e92fea581fd88437f9c409318a5bf45a2d
9b642c07739b25980b53e31765b2bb28582469ab26814a7aaa8c1c6060f5d09b

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Wed, 14 Sep 2022 14:57:16 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdbb9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11942
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
896bff52d8e6754a724da99230caabd6
bb053af2fcbeae7045f94d66baedc852abd3d663
7e0302d513ca6a7b370cc58c86c9a39a85578a9def775c20e3ede5b3402bc7cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1644
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 04:30:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

www.megarush.com/js/chunk-vendors.25e1a372.js

104.22.30.168

200 OK

168 kB

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
168 kB (168511 bytes)
Hash
9dc3de476a453e7b7a8ec2ab040982b4
7e9109c512e1b694b913edf994e08df043576052
ee93d6276cf631ae5be8f07aab8407ba117c3d7cde60f6189766ee16b3c21716

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Wed, 14 Sep 2022 14:57:16 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdba9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683

172.64.149.99

101 Switching Protocols

0 B

URL HTTP/1.1
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zx8m8RSe/9cCMWxVM1MgBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: VsOZdOSDR55sBp0PW7d5Kd7MCqE=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=34fdca89e4fd66eb7f1ce63e4291fa5e; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfbda65ae415e0-ARN

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

scripts.mediamathrdrt.com/scripts/b_megarush.js

172.67.170.210

200 OK

755 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
172.67.170.210:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
755 B (755 bytes)
Hash
3b861bb277617e8ae5c7712dbcab19db
df35aa87ba327e8c824493d1a5d4e675de9c46da
69f598eae171f6b6b2e8f23f261f64739e6cb86ef59e2530c4a4bb5262863b0d

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 286f44e8-81b1-4947-8ebc-75f12b2bf699
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.016281
expires: 2022-08-20 04:57:29 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqB94VOn68PW8hFOxOnnCvwaQMf7awASDYRn1jBZCGjyjx8ikXtXBqxuyIUV2EVSmN%2FHP5p4P%2B2uODWOqV8eZK0iaeFSmHrg0vaSvvRNfn7thP27zw9F%2Fu3apLVL4Vbwmi1PBBqTw4Ss8xuF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cfbda6ba9972a0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5064 bytes)
Hash
e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 25216
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3375 bytes)
Hash
dcd68f4f4d0188a96a06b1793abf38e1
df40b195d24c1b58123c40f8b01294035c9076a5
6c8d53d76269c3f945cc28f3005bcdbbaf1a748a65a166db6c7161f382a47609

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3375
x-amzn-requestid: 4827cdf6-5641-44cd-a076-d8b29bb34ffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSyFO0IAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790de-45acc6fe6064eb3f23e4ea77;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4PMLN0oWbDY1eqvGzUzXRC3u1gaJqh-uyYa9vKtcoXFqgbSO48R6dQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:56:42 GMT
age: 25247
etag: "df40b195d24c1b58123c40f8b01294035c9076a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11712 bytes)
Hash
65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 25430
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.2.249

200 OK

40 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.2.249:0
ASN
#198622 Adform A/S

File type
data
Size
40 kB (40532 bytes)
Hash
bce60b3a35f5743879700bce8958181c
410f757e88cf9d16933274d60b45f7d570ce9f6e
efe027adfef11f163279787f7ffafe2e3a3fccedf1afbd4fbf286f123c9a3ef5

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx0000000000000aa08f15c-006327f026-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10721 bytes)
Hash
87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 4410
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3538 bytes)
Hash
462834e36cc7d5121bad2761027522cd
e4884280d3e689c334c07e70eae59bb17c0a9d31
66c8c668434c712e8efa2cebfa68f5025b334185664b120fdcfc7a4a8939469c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3538
x-amzn-requestid: 438111ef-a7cf-427c-b3e1-ae551c7cce13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvYxEI7IAMFe7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c37-6818efee4a1c0fc82d516d8a;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bXZq1mluA--mQCgQJAxvb6SKNhcqPyv43-J9tPnkhe9SZcCCUnQ_fw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:47:58 GMT
age: 25771
etag: "e4884280d3e689c334c07e70eae59bb17c0a9d31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11942
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

megalotto-static.gigmagic.io/translations/no.json

172.64.149.99

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75078 bytes)
Hash
c65c57dc0700025bf90a1adde1aff75b
32292b13109ae3c175acc85eb5c042e3433f2cbb
4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda74df7993e-ARN
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

rs.fullstory.com/rec/page

35.186.194.58

202 Accepted

76 B

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
76 B (76 bytes)
Hash
483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 04:57:29 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9ff6a1295cab6b2a61d37ccc175ffbc7
3b8ebada6001c230495f014f3a224de418802c16
4e60d60482a80af1c9d50963702c55ffd732d58335057e315be19608bcbd7b17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 03:43:13 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9ff6a1295cab6b2a61d37ccc175ffbc7
3b8ebada6001c230495f014f3a224de418802c16
4e60d60482a80af1c9d50963702c55ffd732d58335057e315be19608bcbd7b17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 03:43:13 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

www.megarush.com/img/home-page/coin-1-1.png

104.22.30.168

200 OK

4.3 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-1-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4257 bytes)
Hash
214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0

HTTP Headers

GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4257
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdab9dd79921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-1.png

104.22.30.168

200 OK

3.5 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3452 bytes)
Hash
09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376

HTTP Headers

GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdab9ddb9921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

104.22.30.168

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabaded9921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-2.png

104.22.30.168

200 OK

2.6 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-2.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Size
2.6 kB (2616 bytes)
Hash
bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7

HTTP Headers

GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 2616
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf09921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-3.png

104.22.30.168

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-3.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1807 bytes)
Hash
fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680

HTTP Headers

GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 1807
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2270127
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf69921-ARN
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

104.22.30.168

200 OK

22 kB

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
22 kB (21576 bytes)
Hash
30f8fcbff42cd72fe69140fc552ee50b
ec44a7d00ac6fb7f674fd49e33283db3b4823b4b
695f3f778a3d411e81c6998cafc90fa4af62ccc044953cee2618be104465df3c

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Wed, 14 Sep 2022 16:42:54 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3135
server: cloudflare
cf-ray: 74cfbda2fdb89921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-2.png

104.22.30.168

200 OK

2.2 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-2.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2192 bytes)
Hash
c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca

HTTP Headers

GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 2192
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf49921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-1.png

104.22.30.168

200 OK

4.4 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4434 bytes)
Hash
3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6

HTTP Headers

GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4434
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf29921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/mega-jackpots.png

104.22.30.168

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/home-page/mega-jackpots.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size
64 kB (63747 bytes)
Hash
b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d

HTTP Headers

GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 63747
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf89921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/feel-the-rush.png

104.22.30.168

200 OK

49 kB

URL HTTP/2
www.megarush.com/img/home-page/feel-the-rush.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48691 bytes)
Hash
141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2

HTTP Headers

GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 48691
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e799921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/megaclub.png

104.22.30.168

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/benefits/megaclub.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10578 bytes)
Hash
6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66

HTTP Headers

GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e779921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/loyalty.png

104.22.30.168

200 OK

9.7 kB

URL HTTP/2
www.megarush.com/img/benefits/loyalty.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9659 bytes)
Hash
df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8

HTTP Headers

GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 9659
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e759921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/online-gamblers.png

104.22.30.168

200 OK

14 kB

URL HTTP/2
www.megarush.com/img/affiliates/online-gamblers.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14178 bytes)
Hash
9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c

HTTP Headers

GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 14178
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2213344
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e7b9921-ARN
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdabaae3993e-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2-small.png

104.22.30.168

200 OK

4.2 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2-small.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Size
4.2 kB (4245 bytes)
Hash
8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0

HTTP Headers

GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4245
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: "62f3cf98-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8d9921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/affiliates/norges-casino.png

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/affiliates/norges-casino.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12111 bytes)
Hash
453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e

HTTP Headers

GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 12111
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 899371
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e7e9921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-1-medium.png

104.22.30.168

200 OK

35 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-1-medium.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Size
35 kB (35333 bytes)
Hash
109f267221e2cee94514a7efaebd29a9
a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801

HTTP Headers

GET /img/home-page/smoke-1-medium.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 35333
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e929921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/smoke-2.png

104.22.30.168

200 OK

75 kB

URL HTTP/2
www.megarush.com/img/home-page/smoke-2.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74825 bytes)
Hash
b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade

HTTP Headers

GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 74825
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: "620b8b6e-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e999921-ARN
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

172.64.149.99

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdabbb08993e-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/question-mark-1.d872b1da.png

104.22.30.168

200 OK

54 kB

URL HTTP/2
www.megarush.com/img/question-mark-1.d872b1da.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Size
54 kB (53566 bytes)
Hash
d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96

HTTP Headers

GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 53566
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: "62f3cf98-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3ea09921-ARN
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png

172.64.149.99

200 OK

31 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
31 kB (30644 bytes)
Hash
a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137

HTTP Headers

GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1105947
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12772-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdac2f7015e0-ARN
X-Firefox-Spdy: h2

megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png

172.64.149.99

200 OK

84 kB

URL HTTP/2
megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
84 kB (83745 bytes)
Hash
bedc100c06fb83e57bdb6d2f42747b20
833f812570395944549808e657831b895ef6409e
b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1

HTTP Headers

GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/avif
content-length: 83745
last-modified: Mon, 12 Sep 2022 22:56:53 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 5600ea53cb2bd76c49069c9948d9eafca3a48e23
x-imgix-render-farm: 01.560
age: 540036
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10061-SJC, cache-ams12780-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdac2f7a15e0-ARN
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151

37.157.6.245

302 Found

714 kB

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151
IP
37.157.6.245:0
ASN
#198622 Adform A/S

File type
data
Size
714 kB (714381 bytes)
Hash
0b5a4abccdd17f4696d6692be71c6c7f
0d92292bcdb403352429f426337825ad0ad3893c
7d640e755f12508426d2be724b8bf67108af37b85005cc4df596beae74f79c76

HTTP Headers

GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive

HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 19-Oct-2022 04:57:29 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/video/arcade-game.webm

104.22.30.168

206 Partial Content

61 kB

URL HTTP/2
www.megarush.com/video/arcade-game.webm
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
61 kB (61172 bytes)
Hash
9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a

HTTP Headers

GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoAHdGMn9rpaRAAsBIvqAg==; expires=Wed, 19-Oct-22 04:57:30 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdaccf169921-ARN
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

172.64.149.99

200 OK

1.2 kB

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
172.64.149.99:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (5192), with CRLF line terminators
Size
1.2 kB (1167 bytes)
Hash
d54fb0432576103c0d541fc996d0f67e
b42e5059e16da295b1fc710a39ef551c0c075b1a
c7d115aa39eb33d808a858ca91900bc85538bc7623f3657a80c3dbf94bdefbe6

HTTP Headers

POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 18
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6327f6a6fa7e40b6c360a683
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdacabee993e-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple-jackpot.svg

104.22.30.168

200 OK

3.9 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/purple-jackpot.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Size
3.9 kB (3888 bytes)
Hash
671e9f0c0ca1e4a6f08f7b0660115924
3543aac6de615bfa526d16415f23ddac8f030270
14aec2dec0ff0028dd1877127251c17b00950af3fc70f5ffe4e75a2ffbc6ac8b

HTTP Headers

GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: W/"62f3cf98-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e9b9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/half-blue.svg

104.22.30.168

200 OK

128 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/half-blue.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64864)
Size
128 kB (127875 bytes)
Hash
1a4846ea3559d3ddac12b9829e3aae67
1fd3c0af13f31f231fed014b36a2cb837fb70652
3592ce16c9bd052e912c20ce3864ff0ec75034320a928243c2314977a18ed6be

HTTP Headers

GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/blue-jackpot.svg

104.22.30.168

200 OK

217 kB

URL HTTP/2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64939)
Size
217 kB (216842 bytes)
Hash
22e2a698dda5f611e161c1dbbf8045e4
320b27c8a84ca8b71c5e00f57b2ced0df66f83ac
b488aa8e1963c030b7ee80da5efb89de91fd8ab25ee8a3ea6c6d0456042a81cf

HTTP Headers

GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Mar 2022 10:17:25 GMT
etag: W/"6221e735-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17086678
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e9f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--updated.svg

104.22.30.168

200 OK

798 B

URL HTTP/2
www.megarush.com/img/icons/promotions--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
798 B (798 bytes)
Hash
200aee52934ea3c500d5229529e85195
31bb1cd87a9f6a0af2b110179c99ae2768f9c078
97152050470fa0c47becf3c35551b9ecfbf729a65b9440312a3a59821d713022

HTTP Headers

GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe429921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.mediamathrdrt.com/safeframe

172.67.170.210

200 OK

1.6 kB

URL HTTP/2
scripts.mediamathrdrt.com/safeframe
IP
172.67.170.210:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.6 kB (1584 bytes)
Hash
713db9375ccb287603472e55dc489d40
fc23264795bbffd23deb531aa8240907e74530f2
51306bb8044edc9fd31ac470ff9923bb95794d92f98a075436a1158b75c64706

HTTP Headers

GET /safeframe HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 342b46f9-b7e5-4faa-84a7-0a94a609ff88
x-download-options: noopen
x-runtime: 0.002525
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2B39FloZQuv5tmXF%2BcyAqrD8ohF80jZNYwozAmtZiRytRjtFxoAQiupwoNoNjFGt%2FD1VwtHqwatjMPv705oQ3YG3YZnyou8rlqrwcM8Pswxa09zcRYnilVSiYrptHaFm46ZQQCjpOiK2%2BBoJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cfbda7aae872a0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

104.22.30.168

200 OK

1.2 kB

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1194 bytes)
Hash
a3fde663e315bac2155b8cff7f9dd52a
a77dabbe4f049aac19d70e37762ba0ecd18993b8
bd07a029ed31f67ca0f90f1440ce3670d46699a5357ca27b7eca50389d5b1fee

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe469921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

graphql.datocms.com/

172.67.11.48

200 OK

0 B

URL HTTP/2
graphql.datocms.com/
IP
172.67.11.48:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74cfbdb17da49927-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/palms.1f322dbc.svg

104.22.30.168

200 OK

89 kB

URL HTTP/2
www.megarush.com/img/palms.1f322dbc.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
89 kB (89410 bytes)
Hash
3d10597764324134a29057d1ad106aac
f735d643785c16c4bea167aa9a9ec59667df2769
55aecbbe245d26c15a4e2b5b9c3e92baf4260c2f81e88e762dde0247e71745c0

HTTP Headers

GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: W/"62f3cf98-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3ea19921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

54.230.111.47

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
54.230.111.47:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 19 Sep 2022 04:43:51 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z0IgPb3JVaH9MQaI5NDqHbVAJIFA3o-F50haLGDypr-cjrcphGThBg==
age: 821
X-Firefox-Spdy: h2

pxl.qccerttest.com/pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl=

143.204.55.93

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl=
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 02:11:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qvqAkjd_a8RQhUJGM_okNXxEt2op5uHWhu9SQcu1RoFA_voUsMMeiA==
age: 9959
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761

91.228.74.166

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761
IP
91.228.74.166:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6327f6bb-371b7-2fa88-46fc6; expires=Fri, 20-Oct-2023 04:57:31 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

107 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
107 B (107 bytes)
Hash
67a2d612fdffeacee275a3b58a79a790
6a310a75748cfe762b778c8d7d385907896aa238
fee67f56c7ff65fa6812de29eae23965dce62796fcd615c595f37f80a9842f48

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 107
date: Mon, 19 Sep 2022 04:57:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--flat.svg

104.22.30.168

200 OK

1.3 MB

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.3 MB (1337148 bytes)
Hash
fcfa635e7ef182b75828f808fd780beb
904a2e2107b784b2070752aff56c7ed059ee1c0d
a6fe481dec789038aaba1e8a012d81800f1a32a6a97be823b01fdbd8cf3d8de3

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17498986
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (89536 bytes)
Hash
fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 04:57:31 GMT
Age: 641472
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8

151.101.86.248

200 OK

131 kB

URL HTTP/1.1
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size
131 kB (130780 bytes)
Hash
ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111

HTTP Headers

GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 04:57:31 GMT
Age: 1108509
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000

graphql.datocms.com/

172.67.11.48

200 OK

693 B

URL HTTP/2
graphql.datocms.com/
IP
172.67.11.48:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (4111), with no line terminators
Size
693 B (693 bytes)
Hash
96a53f548c35ec6b611b31ff5f81c90f
f9664c9b69e6b438ae673d39f4e425ce4e594d5e
b7f5445fcd9bf3fbd11b3f35e71a8a98add1086ae3284eb7836aa630aafd31f3

HTTP Headers

POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: application/json; charset=utf-8
cf-ray: 74cfbdb19dbf9927-ARN
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1126658
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 120
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1633-BMA
x-timer: S1663563451.142258,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

35.188.42.15

200 OK

2 B

URL HTTP/1.1
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 04:57:31 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

109 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
7587e86dfdd6a06ccc9a69c560e7c900
237130ad4f2e63230f15f84e6764f05e358f5a6b
093316235e09f7f5b772ffb9049e3b02bda38a010a268cf0ad44adf1e67b96d7

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Mon, 19 Sep 2022 04:57:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/logo.113ce962.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/logo.113ce962.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo.113ce962.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-cf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17903816
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/iso.fc5b238b.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/iso.fc5b238b.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784479
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4ea99921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/logo.4c52d90d.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/logo.4c52d90d.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784480
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4eb79921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/playAndGo.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 863527
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabee399921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-phone-badge-new.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-phone-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/begambleaware.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/begambleaware.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17903817
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e659921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mga.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mga.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 944642
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e609921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-1.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/grid-new-1.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/grid-new-1.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e979921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

200 OK

0 B

URL HTTP/2
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8aaa98c8d0de6575fd5d7730f87154fb%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; path=/; expires=Tue, 19 Sep 2023 04:57:29 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: bc95ef77a3be676a
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/visa--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/visa--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/loader.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/loader.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e729921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/ibas.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/ibas.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e649921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17772520
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.166

200 OK

0 B

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Mon, 26 Sep 2022 04:57:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.megarush.com/img/icons/jeton--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/jeton--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e549921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/onlinedisputeresolution.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/onlinedisputeresolution.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e639921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/purple.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/purple.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e909921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3e9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 26 May 2022 13:00:18 GMT
etag: W/"628f79e2-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9111281
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/payments.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/payments.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17520506
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe449921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mastercard--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mastercard--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e519921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamcare.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gamcare.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gamcare.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

0 B

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; path=/; expires=Tue, 19 Sep 2023 04:57:29 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8aaa98c8d0de6575fd5d7730f87154fb%26device%3Ddesktop; path=/; expires=Tue, 20 Sep 2022 04:57:29 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 01cfef3cc63e5447
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe409921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--flat.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/live-casino--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-7ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e499921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/menu.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/menu.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/astropaycard--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/astropaycard--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2214065
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e529921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-checked-badge-new.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-checked-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/flag-nb-no.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/flag-nb-no.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2214065
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gamblersanonymous.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gamblersanonymous.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6e9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/index.3e5fca25e481a764411c.css

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Wed, 14 Sep 2022 14:55:34 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdb99921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/grid-new-2.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/grid-new-2.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4ea89921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/service-worker.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Mon, 19 Sep 2022 04:57:59 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda5d8839921-ARN
X-Firefox-Spdy: h2

www.megarush.com/img/icons/trustly--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/trustly--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e539921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-bolt-badge-new.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e589921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/search.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/search.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Mar 2022 10:17:25 GMT
etag: W/"6221e735-12e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17086678
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4b9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/gambleaware18.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/gambleaware18.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/askgamblers.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/askgamblers.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e719921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 863527
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/help-round.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/help-round.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe459921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17498986
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations