safe-guard.site/id/env/tokopedia
212.237.233.86301 Moved Permanently 248 B URL HTTP/1.1 safe-guard.site/id/env/tokopedia
IP 212.237.233.86:0
ASN #212531 UAB Interneto vizija
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 71735a58f5855cc13f2466b3762e6f4e
bfcd62119e0672699bcf64a2e89e0a5040e1b8e7
c4f731cb06995147dd3342fb219aa1896f530adc179f4b77f5b57174b7427656
Analyzer Verdict Alert fortinet Phishing
GET /id/env/tokopedia HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 04:57:27 GMT
Server: Apache
Location: http://safe-guard.site/id/env/tokopedia/
Content-Length: 248
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 04:12:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gW4z8yo9cCRaXinn-kKzCqXTCsTB3_q7UbaEr-rpP6l72jxQG9JLlA==
Age: 2689
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2874
Expires: Mon, 19 Sep 2022 05:45:21 GMT
Date: Mon, 19 Sep 2022 04:57:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X5woU7FYJNXTRcr2FxLdJWQb6_fQJ5cwn1cQjlT_3bevxksrOvg01A==
age: 1334
X-Firefox-Spdy: h2
safe-guard.site/id/env/tokopedia/
212.237.233.86302 Found 0 B URL HTTP/1.1 safe-guard.site/id/env/tokopedia/
IP 212.237.233.86:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /id/env/tokopedia/ HTTP/1.1
Host: safe-guard.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 04:57:27 GMT
Server: Apache
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
whampamp.com/4/5087048?var=ag2
139.45.197.236200 OK 2.9 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ag2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Hash 531d9fb12c8dcc759f0484fe8f403d23
580bd3eb8d6b8b9b8e1a5f6f74d3dd08b9fb8dc0
333e6cfe871a6154a78c4ebb52bc5810feb5a5a4c945774da6e1d47e6f794566
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ag2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 04:57:27 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: a745271ee32bced36834f9bc61175510
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:27 GMT; path=/
oaidts=1663563447; expires=Tue, 19 Sep 2023 04:57:27 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; oaidts=1663563447
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 19 Sep 2022 04:57:27 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 04:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 04:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UjY9Lf4I980DFNW-3Gh9O364x4kPfLKHPGiEqChKut78aPWx8nJLCQ==
Age: 3245
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 04:57:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=307071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfbd9c7cde9927-ARN
my.rtmark.net/img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=1bda0be06ecd4518b8e838d2e4356408 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:27 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; oaidts=1663563447
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 19 Sep 2022 04:57:28 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 889d2f38d384aef187dded1287c6c376
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1bda0be06ecd4518b8e838d2e4356408; expires=Tue, 19 Sep 2023 04:57:28 GMT; path=/
oaidts=1663563447; expires=Tue, 19 Sep 2023 04:57:28 GMT; path=/
syncedCookie=true; expires=Mon, 26 Sep 2022 04:57:28 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5892
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Last-Modified: Mon, 19 Sep 2022 03:19:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e4af8f904bd872ebfcf16bd59c85c11
e78ad51acb90d2ed0c6e05f926722f2b8e8c6426
7c0df159e6a36a1b297cbc46dc0fcc37a7dacad17f923ff4d7be1582d707576b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C0DF159E6A36A1B297CBC46DC0FCC37A7DACAD17F923FF4D7BE1582D707576B"
Last-Modified: Fri, 16 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17449
Expires: Mon, 19 Sep 2022 09:48:17 GMT
Date: Mon, 19 Sep 2022 04:57:28 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3
157.90.33.71302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3
IP 157.90.33.71:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=595590869130940579&subid1=5087048&cost=0.000731&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 04:57:28 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=w5JxTPznSeG71w2WtE0S7Q; expires=Tue, 19 Sep 2023 04:57:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 19 Sep 2022 04:57:28 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H/6QLMgip2pB1QAw+V1TTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fQJhB4wzlGbwUxDkYB7Q+ytE/4M=
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
23.36.79.18301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 19 Sep 2022 04:57:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Sep 2022 04:57:28 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663563448437)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C2022919457%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224754634%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Wed, 19-Sep-3021 04:57:28 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=36
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a7fa280164f7b3c1d57e372556a8bd86
9cda2758eb1bc8657ac63d9fe7336c72637aad7f
570486fd34d10de57391e5ca0710cd6ef9985eb7d9067af4fc9bb2f3e6dffaa0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Server: ECS (amb/6B89)
Content-Length: 279
www.megarush.com/fonts/Inter-ExtraBold.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-ExtraBold.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Hash d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4238
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2edaa9921-ARN
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4238
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2fdb29921-ARN
X-Firefox-Spdy: h2
www.megarush.com/fonts/DS-Digital.woff2
104.22.30.168200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4007
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda2fdb69921-ARN
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
104.22.30.168200 OK 13 kB URL HTTP/2 www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
IP 104.22.30.168:0
Hash d2ea0e4bd413463649106a6fecd63fcd
06969a5d94ac7094e0c61738e603f04fc1df9ddf
dddbf86b211156fb431b612fb82813bd0b578fc59c4d76209a9091d0b1bb5cb2
GET /nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda20cce9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/base.css
104.22.30.168200 OK 52 kB URL HTTP/2 www.megarush.com/base.css
IP 104.22.30.168:0
Hash b124791dadaf5fae1e47778152ab4168
4ed6df0ea166842d2227b1f35dfe5120830c4a2c
b03e24a137bcbb0ce437133da12b7d4630a76b3518102659a12a9f3bfb3fb214
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Wed, 14 Sep 2022 16:42:54 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4644
server: cloudflare
cf-ray: 74cfbda2fdb79921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
54.230.245.125200 OK 16 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP 54.230.245.125:0
File type ASCII text, with very long lines (16536)
Hash 9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a
GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 18 Sep 2022 20:01:01 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0pSCzcac753v-VL2PYgza_p3oO2_CV9sfqtYRR_T4TJmkZTF43Is8g==
Age: 32189
www.megarush.com/favicons/favicon-194x194.png
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/favicons/favicon-194x194.png
IP 104.22.30.168:0
File type PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: image/png
content-length: 11668
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 940047
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda5a8539921-ARN
X-Firefox-Spdy: h2
www.megarush.com/favicons/favicon-16x16.png
104.22.30.168200 OK 437 B URL HTTP/2 www.megarush.com/favicons/favicon-16x16.png
IP 104.22.30.168:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: image/png
content-length: 437
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2270131
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbda5a8589921-ARN
X-Firefox-Spdy: h2
www.megarush.com/js/index.94a008e8.js
104.22.30.168200 OK 304 kB URL HTTP/2 www.megarush.com/js/index.94a008e8.js
IP 104.22.30.168:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 304 kB (303681 bytes)
Hash da5a6b42b917ba5472b9bc3e604f2fc8
ca9b26e92fea581fd88437f9c409318a5bf45a2d
9b642c07739b25980b53e31765b2bb28582469ab26814a7aaa8c1c6060f5d09b
GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Wed, 14 Sep 2022 14:57:16 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdbb9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11942
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 896bff52d8e6754a724da99230caabd6
bb053af2fcbeae7045f94d66baedc852abd3d663
7e0302d513ca6a7b370cc58c86c9a39a85578a9def775c20e3ede5b3402bc7cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1644
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 04:30:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.megarush.com/js/chunk-vendors.25e1a372.js
104.22.30.168200 OK 168 kB URL HTTP/2 www.megarush.com/js/chunk-vendors.25e1a372.js
IP 104.22.30.168:0
Size 168 kB (168511 bytes)
Hash 9dc3de476a453e7b7a8ec2ab040982b4
7e9109c512e1b694b913edf994e08df043576052
ee93d6276cf631ae5be8f07aab8407ba117c3d7cde60f6189766ee16b3c21716
GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Wed, 14 Sep 2022 14:57:16 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdba9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683
172.64.149.99101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683
IP 172.64.149.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6327f6a6fa7e40b6c360a683 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zx8m8RSe/9cCMWxVM1MgBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: VsOZdOSDR55sBp0PW7d5Kd7MCqE=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=34fdca89e4fd66eb7f1ce63e4291fa5e; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfbda65ae415e0-ARN
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 9aa2e2ad348c576d17b320261fdd5002
2c552d0f7bc6ef9c4df4b9abdc1e2dbcd23a06a8
9688bc5095efa1456db60656310f626888cc8552d6cb0f40876e13ac71aeec51
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
scripts.mediamathrdrt.com/scripts/b_megarush.js
172.67.170.210200 OK 755 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 172.67.170.210:0
Hash 3b861bb277617e8ae5c7712dbcab19db
df35aa87ba327e8c824493d1a5d4e675de9c46da
69f598eae171f6b6b2e8f23f261f64739e6cb86ef59e2530c4a4bb5262863b0d
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 286f44e8-81b1-4947-8ebc-75f12b2bf699
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.016281
expires: 2022-08-20 04:57:29 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqB94VOn68PW8hFOxOnnCvwaQMf7awASDYRn1jBZCGjyjx8ikXtXBqxuyIUV2EVSmN%2FHP5p4P%2B2uODWOqV8eZK0iaeFSmHrg0vaSvvRNfn7thP27zw9F%2Fu3apLVL4Vbwmi1PBBqTw4Ss8xuF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cfbda6ba9972a0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 25216
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcd68f4f4d0188a96a06b1793abf38e1
df40b195d24c1b58123c40f8b01294035c9076a5
6c8d53d76269c3f945cc28f3005bcdbbaf1a748a65a166db6c7161f382a47609
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3375
x-amzn-requestid: 4827cdf6-5641-44cd-a076-d8b29bb34ffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSyFO0IAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790de-45acc6fe6064eb3f23e4ea77;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4PMLN0oWbDY1eqvGzUzXRC3u1gaJqh-uyYa9vKtcoXFqgbSO48R6dQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:56:42 GMT
age: 25247
etag: "df40b195d24c1b58123c40f8b01294035c9076a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 25430
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.249200 OK 40 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.249:0
Hash bce60b3a35f5743879700bce8958181c
410f757e88cf9d16933274d60b45f7d570ce9f6e
efe027adfef11f163279787f7ffafe2e3a3fccedf1afbd4fbf286f123c9a3ef5
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx0000000000000aa08f15c-006327f026-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 4410
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462834e36cc7d5121bad2761027522cd
e4884280d3e689c334c07e70eae59bb17c0a9d31
66c8c668434c712e8efa2cebfa68f5025b334185664b120fdcfc7a4a8939469c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3538
x-amzn-requestid: 438111ef-a7cf-427c-b3e1-ae551c7cce13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvYxEI7IAMFe7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c37-6818efee4a1c0fc82d516d8a;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bXZq1mluA--mQCgQJAxvb6SKNhcqPyv43-J9tPnkhe9SZcCCUnQ_fw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:47:58 GMT
age: 25771
etag: "e4884280d3e689c334c07e70eae59bb17c0a9d31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 172e6df78fa7441e7da500bb9a5b23b3
3a2956f971f71a8aa8a2820ddab723269a497eee
798229c01f011a42689b326d7d0c21771371319edb48e58466190e54126e25e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "798229C01F011A42689B326D7D0C21771371319EDB48E58466190E54126E25E6"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11942
Expires: Mon, 19 Sep 2022 08:16:31 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
megalotto-static.gigmagic.io/translations/no.json
172.64.149.99200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 172.64.149.99:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash c65c57dc0700025bf90a1adde1aff75b
32292b13109ae3c175acc85eb5c042e3433f2cbb
4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda74df7993e-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 76 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash 483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 04:57:29 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a28fab6062c0fae84f84b957fd23fa6c
231b9878bd1ea0984ec4106ecfb7ecb0bd486d25
e0155887947b255a256c70c8209dce7348a59c876c8485361272cc104b21437a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0155887947B255A256C70C8209DCE7348A59C876C8485361272CC104B21437A"
Last-Modified: Sat, 17 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Mon, 19 Sep 2022 07:24:12 GMT
Date: Mon, 19 Sep 2022 04:57:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ff6a1295cab6b2a61d37ccc175ffbc7
3b8ebada6001c230495f014f3a224de418802c16
4e60d60482a80af1c9d50963702c55ffd732d58335057e315be19608bcbd7b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 03:43:13 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ff6a1295cab6b2a61d37ccc175ffbc7
3b8ebada6001c230495f014f3a224de418802c16
4e60d60482a80af1c9d50963702c55ffd732d58335057e315be19608bcbd7b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:57:29 GMT
Last-Modified: Mon, 19 Sep 2022 03:43:13 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.megarush.com/img/home-page/coin-1-1.png
104.22.30.168200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 104.22.30.168:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4257
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdab9dd79921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
104.22.30.168200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 104.22.30.168:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdab9ddb9921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
104.22.30.168200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 104.22.30.168:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabaded9921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-2.png
104.22.30.168200 OK 2.6 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-2.png
IP 104.22.30.168:0
File type PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Hash bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7
GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 2616
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf09921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
104.22.30.168200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 104.22.30.168:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 1807
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2270127
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf69921-ARN
X-Firefox-Spdy: h2
www.megarush.com/chunk-vendors.76e8e4d0.css
104.22.30.168200 OK 22 kB URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 104.22.30.168:0
Hash 30f8fcbff42cd72fe69140fc552ee50b
ec44a7d00ac6fb7f674fd49e33283db3b4823b4b
695f3f778a3d411e81c6998cafc90fa4af62ccc044953cee2618be104465df3c
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Wed, 14 Sep 2022 16:42:54 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3135
server: cloudflare
cf-ray: 74cfbda2fdb89921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-2.png
104.22.30.168200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 104.22.30.168:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 2192
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf49921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
104.22.30.168200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 104.22.30.168:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4434
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf29921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
104.22.30.168200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 104.22.30.168:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 63747
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabadf89921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/feel-the-rush.png
104.22.30.168200 OK 49 kB URL HTTP/2 www.megarush.com/img/home-page/feel-the-rush.png
IP 104.22.30.168:0
File type PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Hash 141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 48691
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e799921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/megaclub.png
104.22.30.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/benefits/megaclub.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash 6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e779921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/loyalty.png
104.22.30.168200 OK 9.7 kB URL HTTP/2 www.megarush.com/img/benefits/loyalty.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 9659
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: "6214dc41-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17967708
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e759921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/online-gamblers.png
104.22.30.168200 OK 14 kB URL HTTP/2 www.megarush.com/img/affiliates/online-gamblers.png
IP 104.22.30.168:0
File type PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c
GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 14178
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2213344
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e7b9921-ARN
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdabaae3993e-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2-small.png
104.22.30.168200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2-small.png
IP 104.22.30.168:0
File type PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Hash 8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0
GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 4245
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: "62f3cf98-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8d9921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/norges-casino.png
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/img/affiliates/norges-casino.png
IP 104.22.30.168:0
File type PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Hash 453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 12111
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 899371
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e7e9921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-1-medium.png
104.22.30.168200 OK 35 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-1-medium.png
IP 104.22.30.168:0
File type PNG image data, 800 x 317, 8-bit gray+alpha, non-interlaced\012- data
Hash 109f267221e2cee94514a7efaebd29a9
a2e8d66e2f36d10fbdb7e78e42aefaffdfdbf7f2
72d4591ac99f7e8c9d7bbd20af81a880c6b66a6632772d6f0f085656afb3b801
GET /img/home-page/smoke-1-medium.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 35333
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-8a05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e929921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2.png
104.22.30.168200 OK 75 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2.png
IP 104.22.30.168:0
File type PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Hash b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade
GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 74825
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: "620b8b6e-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e999921-ARN
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=85a547835eae4c636738facab771bd81; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdabbb08993e-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/question-mark-1.d872b1da.png
104.22.30.168200 OK 54 kB URL HTTP/2 www.megarush.com/img/question-mark-1.d872b1da.png
IP 104.22.30.168:0
File type PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Hash d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96
GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/png
content-length: 53566
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: "62f3cf98-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3ea09921-ARN
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
172.64.149.99200 OK 31 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 172.64.149.99:0
File type ISO Media, AVIF Image\012- data
Hash a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 1105947
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12772-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdac2f7015e0-ARN
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
172.64.149.99200 OK 84 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
IP 172.64.149.99:0
File type ISO Media, AVIF Image\012- data
Hash bedc100c06fb83e57bdb6d2f42747b20
833f812570395944549808e657831b895ef6409e
b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1
GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/avif
content-length: 83745
last-modified: Mon, 12 Sep 2022 22:56:53 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 5600ea53cb2bd76c49069c9948d9eafca3a48e23
x-imgix-render-farm: 01.560
age: 540036
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10061-SJC, cache-ams12780-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdac2f7a15e0-ARN
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151
37.157.6.245302 Found 714 kB URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151
IP 37.157.6.245:0
Size 714 kB (714381 bytes)
Hash 0b5a4abccdd17f4696d6692be71c6c7f
0d92292bcdb403352429f426337825ad0ad3893c
7d640e755f12508426d2be724b8bf67108af37b85005cc4df596beae74f79c76
GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=799004089382&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_1128B47F00DE4FC29041558C24ADB151
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 19-Oct-2022 04:57:29 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/video/arcade-game.webm
104.22.30.168206 Partial Content 61 kB URL HTTP/2 www.megarush.com/video/arcade-game.webm
IP 104.22.30.168:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-497zf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoAHdGMn9rpaRAAsBIvqAg==; expires=Wed, 19-Oct-22 04:57:30 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdaccf169921-ARN
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 1.2 kB URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
File type JSON data\012- , ASCII text, with very long lines (5192), with CRLF line terminators
Hash d54fb0432576103c0d541fc996d0f67e
b42e5059e16da295b1fc710a39ef551c0c075b1a
c7d115aa39eb33d808a858ca91900bc85538bc7623f3657a80c3dbf94bdefbe6
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 18
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6327f6a6fa7e40b6c360a683
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=7a940f64164fea3dfa16feb3497281e5; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbdacabee993e-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/purple-jackpot.svg
104.22.30.168200 OK 3.9 kB URL HTTP/2 www.megarush.com/img/home-page/glows/purple-jackpot.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23516)
Hash 671e9f0c0ca1e4a6f08f7b0660115924
3543aac6de615bfa526d16415f23ddac8f030270
14aec2dec0ff0028dd1877127251c17b00950af3fc70f5ffe4e75a2ffbc6ac8b
GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: W/"62f3cf98-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e9b9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/half-blue.svg
104.22.30.168200 OK 128 kB URL HTTP/2 www.megarush.com/img/home-page/glows/half-blue.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64864)
Size 128 kB (127875 bytes)
Hash 1a4846ea3559d3ddac12b9829e3aae67
1fd3c0af13f31f231fed014b36a2cb837fb70652
3592ce16c9bd052e912c20ce3864ff0ec75034320a928243c2314977a18ed6be
GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
104.22.30.168200 OK 217 kB URL HTTP/2 www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64939)
Size 217 kB (216842 bytes)
Hash 22e2a698dda5f611e161c1dbbf8045e4
320b27c8a84ca8b71c5e00f57b2ced0df66f83ac
b488aa8e1963c030b7ee80da5efb89de91fd8ab25ee8a3ea6c6d0456042a81cf
GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Mar 2022 10:17:25 GMT
etag: W/"6221e735-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17086678
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e9f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--updated.svg
104.22.30.168200 OK 798 B URL HTTP/2 www.megarush.com/img/icons/promotions--updated.svg
IP 104.22.30.168:0
Hash 200aee52934ea3c500d5229529e85195
31bb1cd87a9f6a0af2b110179c99ae2768f9c078
97152050470fa0c47becf3c35551b9ecfbf729a65b9440312a3a59821d713022
GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe429921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/safeframe
172.67.170.210200 OK 1.6 kB URL HTTP/2 scripts.mediamathrdrt.com/safeframe
IP 172.67.170.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 713db9375ccb287603472e55dc489d40
fc23264795bbffd23deb531aa8240907e74530f2
51306bb8044edc9fd31ac470ff9923bb95794d92f98a075436a1158b75c64706
GET /safeframe HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 342b46f9-b7e5-4faa-84a7-0a94a609ff88
x-download-options: noopen
x-runtime: 0.002525
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2B39FloZQuv5tmXF%2BcyAqrD8ohF80jZNYwozAmtZiRytRjtFxoAQiupwoNoNjFGt%2FD1VwtHqwatjMPv705oQ3YG3YZnyou8rlqrwcM8Pswxa09zcRYnilVSiYrptHaFm46ZQQCjpOiK2%2BBoJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cfbda7aae872a0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
104.22.30.168200 OK 1.2 kB URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 104.22.30.168:0
Hash a3fde663e315bac2155b8cff7f9dd52a
a77dabbe4f049aac19d70e37762ba0ecd18993b8
bd07a029ed31f67ca0f90f1440ce3670d46699a5357ca27b7eca50389d5b1fee
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe469921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
graphql.datocms.com/
172.67.11.48200 OK 0 B IP 172.67.11.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74cfbdb17da49927-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/palms.1f322dbc.svg
104.22.30.168200 OK 89 kB URL HTTP/2 www.megarush.com/img/palms.1f322dbc.svg
IP 104.22.30.168:0
Hash 3d10597764324134a29057d1ad106aac
f735d643785c16c4bea167aa9a9ec59667df2769
55aecbbe245d26c15a4e2b5b9c3e92baf4260c2f81e88e762dde0247e71745c0
GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Aug 2022 15:32:40 GMT
etag: W/"62f3cf98-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3331764
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3ea19921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
54.230.111.47200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP 54.230.111.47:0
Hash 34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 19 Sep 2022 04:43:51 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z0IgPb3JVaH9MQaI5NDqHbVAJIFA3o-F50haLGDypr-cjrcphGThBg==
age: 821
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl=
143.204.55.93200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl=
IP 143.204.55.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=161330715;fpan=1;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432203;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 02:11:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qvqAkjd_a8RQhUJGM_okNXxEt2op5uHWhu9SQcu1RoFA_voUsMMeiA==
age: 9959
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761
91.228.74.166200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761
IP 91.228.74.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1237042096;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1685911480%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_1128B47F00DE4FC29041558C24ADB151;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1705196870-1663563432204;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663563432205;tzo=0;ogl=;ses=d88735a8-f9d5-4a50-8073-77af2de6a761 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6327f6bb-371b7-2fa88-46fc6; expires=Fri, 20-Oct-2023 04:57:31 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 107 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 67a2d612fdffeacee275a3b58a79a790
6a310a75748cfe762b778c8d7d385907896aa238
fee67f56c7ff65fa6812de29eae23965dce62796fcd615c595f37f80a9842f48
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 107
date: Mon, 19 Sep 2022 04:57:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--flat.svg
104.22.30.168200 OK 1.3 MB URL HTTP/2 www.megarush.com/img/icons/promotions--flat.svg
IP 104.22.30.168:0
Size 1.3 MB (1337148 bytes)
Hash fcfa635e7ef182b75828f808fd780beb
904a2e2107b784b2070752aff56c7ed059ee1c0d
a6fe481dec789038aaba1e8a012d81800f1a32a6a97be823b01fdbd8cf3d8de3
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17498986
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
Hash fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 04:57:31 GMT
Age: 641472
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
151.101.86.248200 OK 131 kB URL HTTP/1.1 i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size 131 kB (130780 bytes)
Hash ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111
GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Mon, 19 Sep 2022 04:57:31 GMT
Age: 1108509
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
graphql.datocms.com/
172.67.11.48200 OK 693 B IP 172.67.11.48:0
File type JSON data\012- , ASCII text, with very long lines (4111), with no line terminators
Hash 96a53f548c35ec6b611b31ff5f81c90f
f9664c9b69e6b438ae673d39f4e425ce4e594d5e
b7f5445fcd9bf3fbd11b3f35e71a8a98add1086ae3284eb7836aa630aafd31f3
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: application/json; charset=utf-8
cf-ray: 74cfbdb19dbf9927-ARN
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1126658
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 120
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1633-BMA
x-timer: S1663563451.142258,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 19 Sep 2022 04:57:31 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 04:57:31 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 109 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7587e86dfdd6a06ccc9a69c560e7c900
237130ad4f2e63230f15f84e6764f05e358f5a6b
093316235e09f7f5b772ffb9049e3b02bda38a010a268cf0ad44adf1e67b96d7
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Mon, 19 Sep 2022 04:57:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/logo.113ce962.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/logo.113ce962.svg
IP 104.22.30.168:0
GET /img/logo.113ce962.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-cf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17903816
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e8c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/iso.fc5b238b.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/iso.fc5b238b.svg
IP 104.22.30.168:0
GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784479
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4ea99921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/logo.4c52d90d.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/logo.4c52d90d.svg
IP 104.22.30.168:0
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784480
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4eb79921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 104.22.30.168:0
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 863527
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabee399921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-phone-badge-new.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-phone-badge-new.svg
IP 104.22.30.168:0
GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/begambleaware.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/begambleaware.svg
IP 104.22.30.168:0
GET /img/icons/begambleaware.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-18df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17903817
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e659921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mga.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mga.svg
IP 104.22.30.168:0
GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 944642
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e609921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/grid-new-1.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/grid-new-1.svg
IP 104.22.30.168:0
GET /img/home-page/grid-new-1.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac3e979921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25200 OK 0 B URL HTTP/2 open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8aaa98c8d0de6575fd5d7730f87154fb%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; path=/; expires=Tue, 19 Sep 2023 04:57:29 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: bc95ef77a3be676a
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/visa--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/visa--white.svg
IP 104.22.30.168:0
GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/loader.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/loader.svg
IP 104.22.30.168:0
GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e729921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/ibas.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/ibas.svg
IP 104.22.30.168:0
GET /img/icons/ibas.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-f8e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e649921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-clock-badge-new.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-clock-badge-new.svg
IP 104.22.30.168:0
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17772520
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.166200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.166:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:31 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Mon, 26 Sep 2022 04:57:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.megarush.com/img/icons/jeton--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/jeton--white.svg
IP 104.22.30.168:0
GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e549921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/onlinedisputeresolution.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/onlinedisputeresolution.svg
IP 104.22.30.168:0
GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e639921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/purple.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/glows/purple.svg
IP 104.22.30.168:0
GET /img/home-page/glows/purple.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac2e909921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 104.22.30.168:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3e9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 104.22.30.168:0
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 26 May 2022 13:00:18 GMT
etag: W/"628f79e2-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9111281
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/payments.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/payments.svg
IP 104.22.30.168:0
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17520506
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe449921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mastercard--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mastercard--white.svg
IP 104.22.30.168:0
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 751089
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e519921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gamcare.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gamcare.svg
IP 104.22.30.168:0
GET /img/icons/gamcare.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-dd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25302 Found 0 B URL HTTP/2 open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=8aaa98c8d0de6575fd5d7730f87154fb; path=/; expires=Tue, 19 Sep 2023 04:57:29 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D8aaa98c8d0de6575fd5d7730f87154fb%26device%3Ddesktop; path=/; expires=Tue, 20 Sep 2022 04:57:29 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: 01cfef3cc63e5447
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 104.22.30.168:0
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17521722
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe409921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--flat.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--flat.svg
IP 104.22.30.168:0
GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-7ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e499921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/menu.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/menu.svg
IP 104.22.30.168:0
GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Feb 2022 11:15:58 GMT
etag: W/"620b8b6e-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 18052614
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4d9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/astropaycard--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/astropaycard--white.svg
IP 104.22.30.168:0
GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2214065
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e529921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-checked-badge-new.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-checked-badge-new.svg
IP 104.22.30.168:0
GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 941257
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/flag-nb-no.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/flag-nb-no.svg
IP 104.22.30.168:0
GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2214065
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e5f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gamblersanonymous.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gamblersanonymous.svg
IP 104.22.30.168:0
GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6e9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/index.3e5fca25e481a764411c.css
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/index.3e5fca25e481a764411c.css
IP 104.22.30.168:0
GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Wed, 14 Sep 2022 14:55:34 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6909
server: cloudflare
cf-ray: 74cfbda2fdb99921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 104.22.30.168:0
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: W/"6321ea87-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 362564
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3c9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/grid-new-2.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/grid-new-2.svg
IP 104.22.30.168:0
GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac4ea89921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/service-worker.js
IP 104.22.30.168:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:29 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Mon, 19 Sep 2022 04:57:59 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74cfbda5d8839921-ARN
X-Firefox-Spdy: h2
www.megarush.com/img/icons/trustly--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/trustly--white.svg
IP 104.22.30.168:0
GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e539921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-bolt-badge-new.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-bolt-badge-new.svg
IP 104.22.30.168:0
GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2402653
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e589921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/search.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/search.svg
IP 104.22.30.168:0
GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Mar 2022 10:17:25 GMT
etag: W/"6221e735-12e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17086678
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac0e4b9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gambleaware18.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gambleaware18.svg
IP 104.22.30.168:0
GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e6f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/askgamblers.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/askgamblers.svg
IP 104.22.30.168:0
GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17784507
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdac1e719921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 104.22.30.168:0
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: W/"63078847-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 863527
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3a9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/help-round.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/help-round.svg
IP 104.22.30.168:0
GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Feb 2022 12:51:13 GMT
etag: W/"6214dc41-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17780617
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe459921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 104.22.30.168:0
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_1128B47F00DE4FC29041558C24ADB151
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-497zf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=b06422012f22dc958179e0eeef674884; _ga=GA1.2.147945284.1663563430; _gid=GA1.2.62149470.1663563430; _gat_UA-143790984-2=1; btag=656126_1128B47F00DE4FC29041558C24ADB151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:57:30 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17498986
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfbdabfe3f9921-ARN
content-encoding: gzip
X-Firefox-Spdy: h2